Overview

overview

10

Static

static

3

2024-02-28...id.exe

windows7-x64

3

2024-02-28...id.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-02-28_10b1d6f37263b48f138340dea771872d_icedid

  • Size

    1.3MB

  • Sample

    240228-q16deada41

  • MD5

    10b1d6f37263b48f138340dea771872d

  • SHA1

    4657e253fc4ec23bb538321fdd7e2d3c67190b99

  • SHA256

    7b0d40904c59a4ad3992deedc39bebb42824a7b4f9d8c070c027d78e8be6d8a0

  • SHA512

    94f32f4476f0449036359bd03aea8532a383dc86b517273e316b2b9df9140d256e2b00154b2e4a49e34198d696925baf77c8aaa1e1d9622a1869068b69464f6f

  • SSDEEP

    12288:zrlmRj3oi/1iPEW9dhDsphEup6DlzQQlPBHKacPgJhLgv1zN2BSsPaHYtGyCRa:VmtYLPEShDSiup65lAgJhSoSoqRa

Score
10/10
salitybackdoorupx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      2024-02-28_10b1d6f37263b48f138340dea771872d_icedid

    • Size

      1.3MB

    • MD5

      10b1d6f37263b48f138340dea771872d

    • SHA1

      4657e253fc4ec23bb538321fdd7e2d3c67190b99

    • SHA256

      7b0d40904c59a4ad3992deedc39bebb42824a7b4f9d8c070c027d78e8be6d8a0

    • SHA512

      94f32f4476f0449036359bd03aea8532a383dc86b517273e316b2b9df9140d256e2b00154b2e4a49e34198d696925baf77c8aaa1e1d9622a1869068b69464f6f

    • SSDEEP

      12288:zrlmRj3oi/1iPEW9dhDsphEup6DlzQQlPBHKacPgJhLgv1zN2BSsPaHYtGyCRa:VmtYLPEShDSiup65lAgJhSoSoqRa

    Score
    10/10
    salitybackdoorupx

    • Sality

      Sality is backdoor written in C++, first discovered in 2003.

      backdoorsality

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks