General
Target: 188404124e80dd746f7a3eef0e3c058f3ca20a28f61e05e0e874d9d3d8766f6a
Size: 11.5MB
Sample: 240331-rax5sade56
MD5: 28888bd9ca38693de7a63b68b49ea57e
SHA1: 33386637a11a825a77d38336f6435199d460b1f4
SHA256: 188404124e80dd746f7a3eef0e3c058f3ca20a28f61e05e0e874d9d3d8766f6a
SHA512: 9f6ff1be7bc3e164c2a975213d77bc6bf5f2db35246758bf9c9eb7b40241b0d096e4e32c329abc4adba1eba8da20e9d1b8711ed9803b454aee8386bce57a9962
SSDEEP: 196608:vwwmggPmkzg3h4kwDy9cWWfIqw2XRJ2NFEzvwr3RDjRJQLY1vaWoA7fxFgRg8y:vjqx0R9kyTWfnwkRINmTyFjILcvabArL
Static task: static1
Behavioral task: behavioral1
Sample: 188404124e80dd746f7a3eef0e3c058f3ca20a28f61e05e0e874d9d3d8766f6a.exe
Resource: win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 188404124e80dd746f7a3eef0e3c058f3ca20a28f61e05e0e874d9d3d8766f6a
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Modifies Windows Firewall
Executes dropped EXE
Loads dropped DLL
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1