General

  • Target

    dbae90f3c74d94bfc99e8c8a18807c20_NeikiAnalytics.exe

  • Size

    3.0MB

  • Sample

    240518-r8s9gsgg88

  • MD5

    dbae90f3c74d94bfc99e8c8a18807c20

  • SHA1

    5f73c8c2bdaee30a3d89cde1e0347bec94129f5a

  • SHA256

    3d075ed4a154f402fac57fe7e35bd064203ed3dfd613b31dbdddbbfbd9770447

  • SHA512

    5a1c3e53ac2b19f79f4468a846ef68c6d3688476a3162c5d20568e42ff8f8c6c9173a83a949fae4ea198d1a2314482d05dbfc40fdcd8e134d825b717d81abeaf

  • SSDEEP

    49152:HrhgxxwfQJv/IXvBEvR8lbnlZ2Tplb86dAehwaY19G1u7+L3CDm+T:HNQxwfiIfBgR8lblZ2TAHehvY19yu7+

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

    • Target

      dbae90f3c74d94bfc99e8c8a18807c20_NeikiAnalytics.exe

    • Size

      3.0MB

    Score
    10/10
    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
