sality | 72e51dd5dfd89390290274a3eb4e3c2e5acbc8321c7b040b8769af7dd7f4f1fe | Triage

Submit
Reports

Overview

overview

Static

static

3

72e51dd5df...fe.exe

windows7-x64

3

72e51dd5df...fe.exe

windows10-2004-x64

Sharing

General

Target

72e51dd5dfd89390290274a3eb4e3c2e5acbc8321c7b040b8769af7dd7f4f1fe
Size

3.2MB
Sample

240308-rlpmsahb26
MD5

594da658453b4ecb2fdc74df71f434b5
SHA1

b9633e10c5d4c94f8ac8b0866adb012005deab5e
SHA256

72e51dd5dfd89390290274a3eb4e3c2e5acbc8321c7b040b8769af7dd7f4f1fe
SHA512

f504a8f394bbb049aabf479f462a9c318d0fa9d2efee8d4daf06303c65c33c406f01f3262c48a6caa4802ef2d1e8e3e0ed40f38a1910d8afb66c96e6d878824f
SSDEEP

98304:JqcHd9dChDBdG26666666666666666666666666666666x666666666666666fw8:JqcHZChfGcwM0lq

Score

10^/10

sality backdoor upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

72e51dd5dfd89390290274a3eb4e3c2e5acbc8321c7b040b8769af7dd7f4f1fe.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

72e51dd5dfd89390290274a3eb4e3c2e5acbc8321c7b040b8769af7dd7f4f1fe.exe

Resource

win10v2004-20240226-en

sality backdoor upx

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  72e51dd5dfd89390290274a3eb4e3c2e5acbc8321c7b040b8769af7dd7f4f1fe
- Size
  
  3.2MB
- MD5
  
  594da658453b4ecb2fdc74df71f434b5
- SHA1
  
  b9633e10c5d4c94f8ac8b0866adb012005deab5e
- SHA256
  
  72e51dd5dfd89390290274a3eb4e3c2e5acbc8321c7b040b8769af7dd7f4f1fe
- SHA512
  
  f504a8f394bbb049aabf479f462a9c318d0fa9d2efee8d4daf06303c65c33c406f01f3262c48a6caa4802ef2d1e8e3e0ed40f38a1910d8afb66c96e6d878824f
- SSDEEP
  
  98304:JqcHd9dChDBdG26666666666666666666666666666666x666666666666666fw8:JqcHZChfGcwM0lq
Score

10^/10

sality backdoor upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

salitybackdoorupx

© 2018-2024

Terms | Privacy