General

  • Target

    566cc4eb2ace005ec4aa66dbfb827f0c837935c412c838a2a1dc916d2e84bbe0N

  • Size

    116KB

  • Sample

    241109-mdqgws1rex

  • MD5

    386d03ebcc888b63ed93e2925ef51fa0

  • SHA1

    70ee76b54170ac9d84b41b6461ee360fcf1aa150

  • SHA256

    566cc4eb2ace005ec4aa66dbfb827f0c837935c412c838a2a1dc916d2e84bbe0

  • SHA512

    ba7be4e6c1ecd32606e6a7f160a26c9bec0ee9f9548726ef8d67d7dcc4414749ee9d16237d013f8a0ca2158c530a504c213ca71a4dccc14333680fb145982054

  • SSDEEP

    3072:USDADeak7dJHB/AykUo/Lao1FlrUy+55y31DAP+PfaqQ:USsQLH5AdX/LHT+7yOcm

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/
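The C2 URLs above are most useful as host-level indicators: match the hostname or IP from proxy logs rather than the full URL, since the operator can change the path at will. The script below is an added example, not part of this report or of any sandbox tooling; it loads the six URLs as listed, normalises them to hosts (including the bare domain behind the www. entry), and runs them over a handful of constructed Squid-style access.log lines. The log format and client addresses are assumptions made for the example.

```python
# Added example: host-based matching of the Sality C2 URLs above against proxy logs.
from urllib.parse import urlsplit
import ipaddress

# C2 URLs exactly as extracted in the report above.
SALITY_C2_URLS = [
    "http://89.119.67.154/testo5/",
    "http://kukutrustnet777.info/home.gif",
    "http://kukutrustnet888.info/home.gif",
    "http://kukutrustnet987.info/home.gif",
    "http://www.klkjwre9fqwieluoi.info/",
    "http://kukutrustnet777888.info/",
]

# Constructed sample log lines in Squid native access.log layout (not real traffic):
# <epoch> <elapsed> <client> <code/status> <bytes> <method> <url> <ident> <hier/peer> <type>
SAMPLE_LOG = [
    "1731150000.123 120 10.0.0.5 TCP_MISS/200 1432 GET http://example.com/index.html - HIER_DIRECT/93.184.216.34 text/html",
    "1731150001.456 90 10.0.0.5 TCP_MISS/404 512 GET http://kukutrustnet777.info/home.gif - HIER_DIRECT/0.0.0.0 image/gif",
    "1731150002.789 75 10.0.0.9 TCP_MISS/200 2048 GET http://89.119.67.154/testo5/ - HIER_DIRECT/89.119.67.154 text/html",
    "1731150003.012 60 10.0.0.9 TCP_MISS/200 300 GET http://KLKJWRE9FQWIELUOI.INFO/ - HIER_DIRECT/0.0.0.0 text/html",
    "garbage line",
]


def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def c2_hosts(urls):
    """Lower-cased hostnames/IPs from the C2 URL list.
    A www. entry also contributes its bare domain, so a request to the
    apex domain is still flagged."""
    hosts = set()
    for u in urls:
        host = urlsplit(u).hostname
        if not host:
            continue
        host = host.lower()
        hosts.add(host)
        if host.startswith("www."):
            hosts.add(host[4:])
    return hosts


def parse_proxy_line(line):
    """Pull client and URL out of one Squid-style line; None if malformed."""
    parts = line.split()
    if len(parts) < 7:
        return None
    return {"client": parts[2], "method": parts[5], "url": parts[6]}


def match_c2(log_lines, urls=SALITY_C2_URLS):
    """Return (line_number, client, host) for every line whose request host
    is a C2 host or a subdomain of a C2 domain name."""
    hosts = c2_hosts(urls)
    domains = {h for h in hosts if not is_ip(h)}
    hits = []
    for n, line in enumerate(log_lines, 1):
        rec = parse_proxy_line(line)
        if rec is None:
            continue
        host = urlsplit(rec["url"]).hostname
        if not host:
            continue
        host = host.lower()
        if host in hosts or any(host.endswith("." + d) for d in domains):
            hits.append((n, rec["client"], host))
    return hits


if __name__ == "__main__":
    for n, client, host in match_c2(SAMPLE_LOG):
        print(f"line {n}: {client} -> {host}")
```

The IP indicator (89.119.67.154) is matched exactly; the domain indicators also match subdomains, which is the usual choice for attacker-registered domains such as these. Matching on the host is deliberately broader than matching the listed path (home.gif, testo5/); for a sinkholed or re-registered domain you would want to confirm current ownership before treating a hit as live C2 traffic.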

Targets

    • Target

      566cc4eb2ace005ec4aa66dbfb827f0c837935c412c838a2a1dc916d2e84bbe0N

    • Size

      116KB

    • MD5

      386d03ebcc888b63ed93e2925ef51fa0

    • SHA1

      70ee76b54170ac9d84b41b6461ee360fcf1aa150

    • SHA256

      566cc4eb2ace005ec4aa66dbfb827f0c837935c412c838a2a1dc916d2e84bbe0

    • SHA512

      ba7be4e6c1ecd32606e6a7f160a26c9bec0ee9f9548726ef8d67d7dcc4414749ee9d16237d013f8a0ca2158c530a504c213ca71a4dccc14333680fb145982054

    • SSDEEP

      3072:USDADeak7dJHB/AykUo/Lao1FlrUy+55y31DAP+PfaqQ:USsQLH5AdX/LHT+7yOcm

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • Sality family

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
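The UPX rule above typically keys on the packer's leftovers in the PE: section names UPX0/UPX1 and the "UPX!" marker string. The script below is an added example, not the sandbox's own rule; it parses the PE section table directly, reports those indicators, and adds a byte-entropy helper as the fallback check for modified UPX builds that rename their sections and strip the marker. The PE blobs it inspects are constructed in the script (a minimal MZ/PE skeleton with only a section table), not taken from the sample.

```python
# Added example: UPX-packing indicators read from the PE section table.
import struct
import math
from collections import Counter

SECTION_HEADER_SIZE = 40  # IMAGE_SECTION_HEADER
COFF_HEADER_SIZE = 20     # IMAGE_FILE_HEADER


def build_minimal_pe(section_names, opt_header_size=0xE0):
    """Construct a skeleton PE (for the example only): MZ stub, PE signature,
    COFF header, zeroed optional header, and a section table with the given
    names. Enough for header parsing; it is not a loadable image."""
    pe_offset = 0x80
    dos = bytearray(b"MZ" + bytes(pe_offset - 2))
    struct.pack_into("<I", dos, 0x3C, pe_offset)           # e_lfanew
    coff = struct.pack("<HHIIIHH",
                       0x14C,                # Machine: i386
                       len(section_names),   # NumberOfSections
                       0, 0, 0,              # TimeDateStamp, SymTab ptr, NumSymbols
                       opt_header_size,      # SizeOfOptionalHeader
                       0x102)                # Characteristics: EXE, 32-bit
    opt = bytes(opt_header_size)
    sections = b"".join(struct.pack("<8s", n.encode("ascii")) + bytes(32)
                        for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + opt + sections


def pe_section_names(data):
    """Walk the PE headers and return the section names in table order."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsec, = struct.unpack_from("<H", data, pe_off + 6)
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)
    table = pe_off + 4 + COFF_HEADER_SIZE + opt_size
    names = []
    for i in range(nsec):
        raw = data[table + SECTION_HEADER_SIZE * i: table + SECTION_HEADER_SIZE * i + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("latin-1"))
    return names


def upx_indicators(data):
    """List the UPX tells found in the file; an empty list is not proof of
    an unpacked binary, since modified UPX builds remove both tells."""
    names = pe_section_names(data)
    reasons = []
    if any(n.startswith("UPX") for n in names):
        reasons.append("section names: " + ", ".join(names))
    if b"UPX!" in data:
        reasons.append("UPX! marker present")
    return reasons


def shannon_entropy(buf):
    """Bits per byte, 0.0 to 8.0; packed/encrypted sections sit near 8."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum((c / n) * math.log2(c / n) for c in Counter(buf).values())


if __name__ == "__main__":
    packed = build_minimal_pe(["UPX0", "UPX1", ".rsrc"])
    plain = build_minimal_pe([".text", ".data", ".rsrc"])
    print("packed:", upx_indicators(packed))
    print("plain: ", upx_indicators(plain))
    print("entropy of uniform bytes:", shannon_entropy(bytes(range(256)) * 4))
```

When the section-name and marker checks come back empty on a suspected packed sample, run shannon_entropy over each section's raw bytes (offsets come from the same section table); a large section near 8 bits per byte with a tiny entry-point stub is the usual signature of a renamed UPX or similar packer, and the file should be unpacked before any static signature work.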

MITRE ATT&CK Enterprise v15

Tasks