General

  • Target

    052ec2791d27c0f34ddcbef7cceb5efd1bd76d11417b74ece3305d731af06518

  • Size

    259KB

  • Sample

    240221-ha2zasce51

  • MD5

    204f41920bf6d2ff8870d332335b48da

  • SHA1

    47de649d8d4645714727b01ae5a120398b099550

  • SHA256

    052ec2791d27c0f34ddcbef7cceb5efd1bd76d11417b74ece3305d731af06518

  • SHA512

    71636e8ada9c6f620c52726cced1a12840c7caf3798f481270d7386c0eb7f7e9f95235232eefd64dd5e8ea7b025a2da742cd7917a46f6b581a3bcb09ce12982b

  • SSDEEP

    6144:AWmcLfpKjILMsUYVaEEcUEE+d5QroH8eovtTe/l9S:zBLRKgMpYVaEEcUe5P8eee/l9S

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
