General

  • Target

    022d2acb85a75f9d9ca9dfe4d77080d0_NeikiAnalytics

  • Size

    84KB

  • Sample

    240511-ph2rtsff7t

  • MD5

    022d2acb85a75f9d9ca9dfe4d77080d0

  • SHA1

    bcbcbc738344acd0f9ef50e79b4fa778ef3e8f7e

  • SHA256

    716677e61904a9448354a65475ef4f5230824f240ee70fab6a38c174fea6d298

  • SHA512

    9b414a48fb666318f639da63aca14759bbda456058e803da11da5cd4cb40362568e51fcec73d5b6027c8e77a79fe96770be43f8611f8b170993c42dbec161b9b

  • SSDEEP

    1536:xmkEfH3qpxQx2Mz3aFN4Si2AB2QpQGcoPdQXOmDeQOkhy/nybPZqOIh:xmkgHz30x+YOtHCD0kOnAhlIh

Score
10/10

Malware Config

Extracted

Family

sality

C2


Targets

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
