General
-
Target
201c7cd646f4cb7b8d0a630e9dc4b0658eaece7e9809b78f2e6228b3ef77e1bb
-
Size
2.5MB
-
Sample
240227-ynnxlaab26
-
MD5
5ebb44afe6be5a33527651a6a2f4b0cb
-
SHA1
26b5c8e47febbda0b8125936a02ac9969ac97d17
-
SHA256
201c7cd646f4cb7b8d0a630e9dc4b0658eaece7e9809b78f2e6228b3ef77e1bb
-
SHA512
3d2ed40857c5bbb97a53c1ed9b2ca68bbe6e2149af34af479f02c74702f967f4e86e744f2db6d06e96d73eb9c7906a3c96b1088441a3c6a56693e7d72ebd8009
-
SSDEEP
49152:DkOcXn1B22gcQSYTTDELCdxF7LlAoM7VIipJGUMXQTPJGwPO2VDI:AOcXe2dCdxF7L+F7qij1MXc1W
Static task
static1
Behavioral task
behavioral1
Sample
201c7cd646f4cb7b8d0a630e9dc4b0658eaece7e9809b78f2e6228b3ef77e1bb.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
201c7cd646f4cb7b8d0a630e9dc4b0658eaece7e9809b78f2e6228b3ef77e1bb
-
Size
2.5MB
-
MD5
5ebb44afe6be5a33527651a6a2f4b0cb
-
SHA1
26b5c8e47febbda0b8125936a02ac9969ac97d17
-
SHA256
201c7cd646f4cb7b8d0a630e9dc4b0658eaece7e9809b78f2e6228b3ef77e1bb
-
SHA512
3d2ed40857c5bbb97a53c1ed9b2ca68bbe6e2149af34af479f02c74702f967f4e86e744f2db6d06e96d73eb9c7906a3c96b1088441a3c6a56693e7d72ebd8009
-
SSDEEP
49152:DkOcXn1B22gcQSYTTDELCdxF7LlAoM7VIipJGUMXQTPJGwPO2VDI:AOcXe2dCdxF7L+F7qij1MXc1W
-
Modifies firewall policy service
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1