General

  • Target

    3abe8be509d1331b879ade0eb4ebd2dc73c9272540eaa450c196667666c08033

  • Size

    280KB

  • Sample

    240418-x4e4ysdg9t

  • MD5

    8a30170d76bd4d59876b25eee9265fe7

  • SHA1

    fbabaebf0012e7936207ed9c5f40ed25ccd7170a

  • SHA256

    3abe8be509d1331b879ade0eb4ebd2dc73c9272540eaa450c196667666c08033

  • SHA512

    25c197e2ecaef707ef5dab9c813348fdd1169feea19afc92cfafda5819155be80701030c9081a3a0fdf97f623806bbccd62ee9ef7585ca17c6671b9ff653f214

  • SSDEEP

    6144:cMvrbjNIfLK90U22w4ZFOPL1XYfcKiX2g5yRCg9A:cQbjNIfk0B2wt9KiXxMRCg9A

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
