General
-
Target
4a3492b2a01b91ba4c0cb7e0ef40c958c9983cbd2a5585aaa868ddb5586f178c
-
Size
2.2MB
-
Sample
240518-cxlb6sga5x
-
MD5
d720bc159389b4dde0573179835d37db
-
SHA1
298a968bc6c8af00249aa590113eb5689eb20bf1
-
SHA256
4a3492b2a01b91ba4c0cb7e0ef40c958c9983cbd2a5585aaa868ddb5586f178c
-
SHA512
ebdd26a66d028ac7bbc69f6a538725276f20ffbf0e5e3e8c826216b9ef165003e501a202c49696bfad3801506c708bc937db1a0f99d7fd5e7aeb605ce7821561
-
SSDEEP
49152:HKBMBggggM9QAVas9AzP9u6KyXVCYZj+KP/hsVfRfQ+tW:HQWAVahYbygRgh+
Static task
static1
Behavioral task
behavioral1
Sample
4a3492b2a01b91ba4c0cb7e0ef40c958c9983cbd2a5585aaa868ddb5586f178c.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
4a3492b2a01b91ba4c0cb7e0ef40c958c9983cbd2a5585aaa868ddb5586f178c
Modifies firewall policy service
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)