General

  • Target

    f5e13158ae81fc4851e70e5ed309f2980db1606ccdb368408e3faba5f94b85d2

  • Size

    259KB

  • Sample

    240519-rqnw2sbe45

  • MD5

    aa7ad5c09c5e5fd5d18c79452a9f2969

  • SHA1

    5cb8253932cb6549086d1d53bd12041b609819da

  • SHA256

    f5e13158ae81fc4851e70e5ed309f2980db1606ccdb368408e3faba5f94b85d2

  • SHA512

    030a180e7eddc0f15bb9ea43f3b8abfecdeefa8bae0b3983506e4c1f93909c67c70de6978f883909b06ee38d68fa27ae3a94db6f57347130a3593d023145903f

  • SSDEEP

    6144:qWmcLfpKjILMrUYVaEEcUEE+d8ECnsk59r+4ZWM5By9S:1BLRKgMoYVaEEcUe8ECnsuR+Yy9S

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    Score
    10/10
    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks