General

Target: fe0a4d4d23c9ead2f100e760c344b321
Size: 4.5MB
Sample: 240301-ajhm1sgd71
MD5: fe0a4d4d23c9ead2f100e760c344b321
SHA1: 54c04b4c665ebadb6a29681dc9a3b74252859821
SHA256: 4ef81e73170ec1138c62bd807d111c6cfa97d548772be19c707b22c3f256b8b6
SHA512: f8b689daf9923efe1af8d52b557c1d2c1833dbbf536ef9b8ff11083f5ceb452b9c4d5d979f450a3627ba1967654ac8e6736036e77ff9da55c88e568282d32518
SSDEEP: 98304:2pf+3/59VHTRTboT7ei/HoF2SHpcBsP3F:KwJlcneQHoF2IpOs9

Static task: static1
Behavioral task: behavioral1
Sample: fe0a4d4d23c9ead2f100e760c344b321.exe
Resource: win7-20240221-en

Malware Config

Extracted: sality
- http://89.119.67.154/testo5/
- http://kukutrustnet777.info/home.gif
- http://kukutrustnet888.info/home.gif
- http://kukutrustnet987.info/home.gif
Targets
- Modifies firewall policy service
- Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality
- UPX dump on OEP (original entry point)

MITRE ATT&CK Enterprise v15

Privilege Escalation
- Abuse Elevation Control Mechanism: Bypass User Account Control (1)
- Create or Modify System Process: Windows Service (1)