General
-
Target
ac0d90faaa148c44a13fbc136efacbefa1e5752f1e5938db4dcb689604fedd96
-
Size
9.5MB
-
Sample
240221-kg2cfsdh35
-
MD5
f70a8ec57bdef1a3e01fd6b9f453e121
-
SHA1
dcbbb48bebfa193f559b7fe85769f39be99f67a4
-
SHA256
ac0d90faaa148c44a13fbc136efacbefa1e5752f1e5938db4dcb689604fedd96
-
SHA512
5e72dd4c8968226e451e49a3a8b93bef963dbe4d5a0fa92ec38e0fc55a1834d1456655b01f6175117b9fc9dbff924286a804abf7ce7d0eb193ea8416ef8afa3c
-
SSDEEP
196608:2WIHKtE+3uWvprwpJmT687bAYvMxH2BIQ4klUJ/8+Up3m:2GF3DM/mO8nAYvo2CQ4klUapW
Static task
static1
Behavioral task
behavioral1
Sample
ac0d90faaa148c44a13fbc136efacbefa1e5752f1e5938db4dcb689604fedd96.exe
Resource
win7-20231215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
Modifies firewall policy service
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1
Bypass User Account Control
1
Create or Modify System Process
1
Windows Service
1