General
Target: 49147117c90b9b8c27574bc45d14d1e46d6882c93336524fd4e510497c88e994
Size: 97KB
Sample: 240422-1gg7ksgg3x
MD5: 0231661dd609f656064aae1259156c0c
SHA1: 37a8ea67048f2f62a46d3e034ce1c62c076c17ce
SHA256: 49147117c90b9b8c27574bc45d14d1e46d6882c93336524fd4e510497c88e994
SHA512: 907d0a5da9e0d1994e8a5b85cfad8760b438dd1e90d226d3a33aa101fcfbc9cb3439c2e8f101e8d49f8d75a0708a3999effe2b85c6dead9fecfa44901a661dbf
SSDEEP: 1536:y/FnHTPDLCmxoWIePnMBRr/yVZVJkKtESgc/WXggOvdj+0nLUtOXfFgar+AOyY:yJHTPDLCnjOMzSZX0XqNvO1
Static task: static1
Behavioral task: behavioral1
Sample: 49147117c90b9b8c27574bc45d14d1e46d6882c93336524fd4e510497c88e994.exe
Resource: win7-20240221-en
Malware Config
Extracted
Family: sality
URLs:
- http://89.119.67.154/testo5/
- http://kukutrustnet777.info/home.gif
- http://kukutrustnet888.info/home.gif
- http://kukutrustnet987.info/home.gif
Targets
Target: 49147117c90b9b8c27574bc45d14d1e46d6882c93336524fd4e510497c88e994
Size: 97KB
MD5: 0231661dd609f656064aae1259156c0c
SHA1: 37a8ea67048f2f62a46d3e034ce1c62c076c17ce
SHA256: 49147117c90b9b8c27574bc45d14d1e46d6882c93336524fd4e510497c88e994
SHA512: 907d0a5da9e0d1994e8a5b85cfad8760b438dd1e90d226d3a33aa101fcfbc9cb3439c2e8f101e8d49f8d75a0708a3999effe2b85c6dead9fecfa44901a661dbf
SSDEEP: 1536:y/FnHTPDLCmxoWIePnMBRr/yVZVJkKtESgc/WXggOvdj+0nLUtOXfFgar+AOyY:yJHTPDLCnjOMzSZX0XqNvO1
Signatures
- Modifies firewall policy service
- Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file: malware can abuse Windows Autorun to spread further via attached volumes.
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Create or Modify System Process (1)
  - Windows Service (1)
Defense Evasion
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Impair Defenses (3)
  - Disable or Modify Tools (3)
- Modify Registry (5)