sality | 59b7817b9c915c9e0dc87b390f5c77f29662c0b74dcce831a94546dd8e6dbee9 | Triage

Sharing

General

Target

59b7817b9c915c9e0dc87b390f5c77f29662c0b74dcce831a94546dd8e6dbee9
Size

269KB
Sample

240525-yymsaahc58
MD5

e3fb8c1d7a70aafd9808fc5dc64dafbb
SHA1

47354f483f319c51165b9024cd2f60980fe28a88
SHA256

59b7817b9c915c9e0dc87b390f5c77f29662c0b74dcce831a94546dd8e6dbee9
SHA512

9dc41fdf50b23dc90d208436ddc5803c5e5ec5c3b35e938ddf5e9b7c3c721cd8592fc76935487c2ac312ed60e355d790308b56669b7d1977f8e5e93720cc53e9
SSDEEP

3072:9BHrfzYwc6X/YbW4l/DReos0gXf+EvC6C36eCWdMuoB+ruHVGgCFBx7Gcf5j74e7:9XANl/DRfkTC3dM7B+mClA81KeOg

Score

10^/10

sality backdoor upx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  59b7817b9c915c9e0dc87b390f5c77f29662c0b74dcce831a94546dd8e6dbee9
- Size
  
  269KB
- MD5
  
  e3fb8c1d7a70aafd9808fc5dc64dafbb
- SHA1
  
  47354f483f319c51165b9024cd2f60980fe28a88
- SHA256
  
  59b7817b9c915c9e0dc87b390f5c77f29662c0b74dcce831a94546dd8e6dbee9
- SHA512
  
  9dc41fdf50b23dc90d208436ddc5803c5e5ec5c3b35e938ddf5e9b7c3c721cd8592fc76935487c2ac312ed60e355d790308b56669b7d1977f8e5e93720cc53e9
- SSDEEP
  
  3072:9BHrfzYwc6X/YbW4l/DReos0gXf+EvC6C36eCWdMuoB+ruHVGgCFBx7Gcf5j74e7:9XANl/DRfkTC3dM7B+mClA81KeOg
Score

10^/10

sality backdoor upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

salitybackdoorupx