sality | 9f8813c79d58472262ad82d22b089cfdf3b0affe3db4cf8dc1cf7cc967f44bb3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8817fc2b9da13a90e30a1fd2a3afe59d_JaffaCakes118
Size

140KB
Sample

240810-3enbxsxhkc
MD5

8817fc2b9da13a90e30a1fd2a3afe59d
SHA1

00cb7a587753ecbce9529f5f3e7eda06ba121b2b
SHA256

9f8813c79d58472262ad82d22b089cfdf3b0affe3db4cf8dc1cf7cc967f44bb3
SHA512

b2aeaa5d1d1a8d76c151b03336b308fe5ae8c5caf88a7f359853b6096a798aff071999d29ad843761e2c040dd9f6f6d685a1f2eaa2f8214b5ddabb1a43a66c7f
SSDEEP

3072:veBVltRoqgT0iCX3madhPoYYKXhwPNYHxq:virKTjCmad+J4hYKq

Score

10^/10

sality backdoor discovery evasion trojan upx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  8817fc2b9da13a90e30a1fd2a3afe59d_JaffaCakes118
- Size
  
  140KB
- MD5
  
  8817fc2b9da13a90e30a1fd2a3afe59d
- SHA1
  
  00cb7a587753ecbce9529f5f3e7eda06ba121b2b
- SHA256
  
  9f8813c79d58472262ad82d22b089cfdf3b0affe3db4cf8dc1cf7cc967f44bb3
- SHA512
  
  b2aeaa5d1d1a8d76c151b03336b308fe5ae8c5caf88a7f359853b6096a798aff071999d29ad843761e2c040dd9f6f6d685a1f2eaa2f8214b5ddabb1a43a66c7f
- SSDEEP
  
  3072:veBVltRoqgT0iCX3madhPoYYKXhwPNYHxq:virKTjCmad+J4hYKq
Score

10^/10

discovery sality backdoor evasion trojan upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- UAC bypass
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

salitybackdoordiscoveryevasiontrojanupx