sality

General

Target

742b678b7b902c446cf512a819932d90N.exe
Size

264KB
Sample

240806-hscgcswgke
MD5

742b678b7b902c446cf512a819932d90
SHA1

52b9608e92b20c1802fc4dbd6379ca3200c23dde
SHA256

b13b59494d9d679c55164408f377afc8ef0d1606a3c5ed4998ccf8cd6c4ff3ae
SHA512

3f521e1298818c7f81b630dc3a9f3f5ad08e4f2aef39a43c9c68c4517b75ce2913bc87fc6036c756fb098a7e4d198fad8eb55ec79ec4d0dd9657713c90985643
SSDEEP

6144:qLXmqo7WwNKM9EFhrcEvLK7J7y1HHpEbtrVQC:E2qSWvM9EFpcEvLKFsHpEphj

Score

10^/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  742b678b7b902c446cf512a819932d90N.exe
- Size
  
  264KB
- MD5
  
  742b678b7b902c446cf512a819932d90
- SHA1
  
  52b9608e92b20c1802fc4dbd6379ca3200c23dde
- SHA256
  
  b13b59494d9d679c55164408f377afc8ef0d1606a3c5ed4998ccf8cd6c4ff3ae
- SHA512
  
  3f521e1298818c7f81b630dc3a9f3f5ad08e4f2aef39a43c9c68c4517b75ce2913bc87fc6036c756fb098a7e4d198fad8eb55ec79ec4d0dd9657713c90985643
- SSDEEP
  
  6144:qLXmqo7WwNKM9EFhrcEvLK7J7y1HHpEbtrVQC:E2qSWvM9EFpcEvLKFsHpEphj
Score

10^/10

sality backdoor discovery upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2