sality | 02faa3771edcbd2acd53ca3683b5fdb90444ae4366a1af0f4b0d16c1e01554d7 | Triage

Submit
Reports

Overview

overview

Static

static

3

01be9b78d9...18.exe

windows7-x64

7

01be9b78d9...18.exe

windows10-2004-x64

Sharing

General

Target

01be9b78d9d793cf6293a3927c4cfe21_JaffaCakes118
Size

243KB
Sample

240620-bzs95a1fmh
MD5

01be9b78d9d793cf6293a3927c4cfe21
SHA1

78c7627c76938036313bdd19219635b0d93dc61d
SHA256

02faa3771edcbd2acd53ca3683b5fdb90444ae4366a1af0f4b0d16c1e01554d7
SHA512

deed1e7dee7c6b6ff9896798fc62ce4cb604b354780ee029fb2b59548c4569e06d3ed83453e9905f14024dedfd7d699e334d377db117f840de6d386a096a0e78
SSDEEP

3072:QwWfbXTUviL8pbCGKIpD/dvZKFU54Co5ncKgJ5pSElSVb9W5g1LMB3MTRKC:QTvQiIbHPdvZKFZ7Hg1SoSVb9Bb4C

Score

10^/10

sality backdoor upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

01be9b78d9d793cf6293a3927c4cfe21_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

01be9b78d9d793cf6293a3927c4cfe21_JaffaCakes118.exe

Resource

win10v2004-20240611-en

sality backdoor upx

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

- Target
  
  01be9b78d9d793cf6293a3927c4cfe21_JaffaCakes118
- Size
  
  243KB
- MD5
  
  01be9b78d9d793cf6293a3927c4cfe21
- SHA1
  
  78c7627c76938036313bdd19219635b0d93dc61d
- SHA256
  
  02faa3771edcbd2acd53ca3683b5fdb90444ae4366a1af0f4b0d16c1e01554d7
- SHA512
  
  deed1e7dee7c6b6ff9896798fc62ce4cb604b354780ee029fb2b59548c4569e06d3ed83453e9905f14024dedfd7d699e334d377db117f840de6d386a096a0e78
- SSDEEP
  
  3072:QwWfbXTUviL8pbCGKIpD/dvZKFU54Co5ncKgJ5pSElSVb9W5g1LMB3MTRKC:QTvQiIbHPdvZKFZ7Hg1SoSVb9Bb4C
Score

10^/10

upx sality backdoor
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

salitybackdoorupx

© 2018-2024

Terms | Privacy