General
-
Target
aad50955611b85c545b165d067ed599c
-
Size
278KB
-
Sample
240228-dh2ahshh35
-
MD5
aad50955611b85c545b165d067ed599c
-
SHA1
b58e36d1f2a059c4b8a435abbfc475042a08730d
-
SHA256
44eb401df1af1febbc63df572534d65a5c597f57861fb1310f7e3f56e9604c74
-
SHA512
998e9fbec32881b012ff802cfc3500464f83291693dca29840488db69f0f394cb634190458653bf2c48540916e893bec6636bbe82ee9df2b5060b666547e3961
-
SSDEEP
6144:k1TrhLIsmHJomDuECgOuaAexQhXOVLwPy5NXUuyARS50oJ0b23DbhyuPK:KrhLNmpomDuE79BUQQVGyNlo1pS
Static task
static1
Behavioral task
behavioral1
Sample
aad50955611b85c545b165d067ed599c.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
aad50955611b85c545b165d067ed599c
-
Size
278KB
-
MD5
aad50955611b85c545b165d067ed599c
-
SHA1
b58e36d1f2a059c4b8a435abbfc475042a08730d
-
SHA256
44eb401df1af1febbc63df572534d65a5c597f57861fb1310f7e3f56e9604c74
-
SHA512
998e9fbec32881b012ff802cfc3500464f83291693dca29840488db69f0f394cb634190458653bf2c48540916e893bec6636bbe82ee9df2b5060b666547e3961
-
SSDEEP
6144:k1TrhLIsmHJomDuECgOuaAexQhXOVLwPy5NXUuyARS50oJ0b23DbhyuPK:KrhLNmpomDuE79BUQQVGyNlo1pS
-
Modifies firewall policy service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1