General
Target: ca30d8ed477161e87f81bc80c3f66be28358d3d44f0d62716f55fcde4481ab61
Size: 754KB
Sample: 240517-3nca1shb6v
MD5: f1fdda86a94e2d1abbd244089d73752f
SHA1: 70f8defd6b861717142d7db8a1fe2be6a34a5b13
SHA256: ca30d8ed477161e87f81bc80c3f66be28358d3d44f0d62716f55fcde4481ab61
SHA512: 6a4fb99c397b55a61be466f52a83dd9fade0e022f5cd3cdb18411069cea6b0f2ae85f980555e62b710955ce1083ed11377c2bcce495f6a6012dd3e2b4325f18c
SSDEEP: 6144:VQM3xHba9C4q/HVF7eHpnTHzJEWyLBMRJDL+gpFfD2l9pAZcXXkqD:V3x7a9a8HdPjX+gpFfDO0+XX
Static task
static1
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
ca30d8ed477161e87f81bc80c3f66be28358d3d44f0d62716f55fcde4481ab61
Modifies firewall policy service
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 3
    Disable or Modify Tools: 3