General
-
Target
f55b4ad27fd94b0aaa08dd111af7f6c0b49086b756fb216ca5662d4dc733ddb5
-
Size
4.0MB
-
Sample
240221-jd83fsdd57
-
MD5
d820d74021ee80017eaa4166497d2b51
-
SHA1
2a7e80596843c7def38ec827e9c2843f1d2593af
-
SHA256
f55b4ad27fd94b0aaa08dd111af7f6c0b49086b756fb216ca5662d4dc733ddb5
-
SHA512
a9b414b40b25d518e465fc4d8bdd4ff082e08c5d21966f8acf0a93f6367fc48adb123c5e0a82560bf39e91d2abf42336ffcea9a045e252658ef01b3ec96104c4
-
SSDEEP
49152:7YbVtuKvKlSA+n32pWx43UxThfAToiqScjc3tus:7+tvgz+n32kCUxT6og
Static task
static1
Behavioral task
behavioral1
Sample
f55b4ad27fd94b0aaa08dd111af7f6c0b49086b756fb216ca5662d4dc733ddb5.exe
Resource
win7-20231215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
f55b4ad27fd94b0aaa08dd111af7f6c0b49086b756fb216ca5662d4dc733ddb5
-
Size
4.0MB
-
MD5
d820d74021ee80017eaa4166497d2b51
-
SHA1
2a7e80596843c7def38ec827e9c2843f1d2593af
-
SHA256
f55b4ad27fd94b0aaa08dd111af7f6c0b49086b756fb216ca5662d4dc733ddb5
-
SHA512
a9b414b40b25d518e465fc4d8bdd4ff082e08c5d21966f8acf0a93f6367fc48adb123c5e0a82560bf39e91d2abf42336ffcea9a045e252658ef01b3ec96104c4
-
SSDEEP
49152:7YbVtuKvKlSA+n32pWx43UxThfAToiqScjc3tus:7+tvgz+n32kCUxT6og
-
Modifies firewall policy service
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1