General
-
Target
93caddc66fb953d57f341683a4d14bad0dcf94d18052d266010a9ae569c0aefaN
-
Size
120KB
-
Sample
241110-s4269szelf
-
MD5
ea9cdf4d2d178396d99f61b515402ca0
-
SHA1
ef6543e6d01dd7ad4883585f82de172ed59560ca
-
SHA256
93caddc66fb953d57f341683a4d14bad0dcf94d18052d266010a9ae569c0aefa
-
SHA512
fdd5c6bc31b9ecbe801e0b5d860ba3586c53fa6b80a020cfe932c27cdbb710bef329f30e7f894bbcaaf3cfbb67a9b720844c14636ccf92615f27f0d7368fc3e9
-
SSDEEP
1536:nyZhxMtiic0kIC0QVX0eCFy5CP9UvxQY2t3abISd/dt+gwthopVbSXeAtEHA:nyJdy1QN0eCFyIm2qbISUztXFtuA
Static task
static1
Behavioral task
behavioral1
Sample
93caddc66fb953d57f341683a4d14bad0dcf94d18052d266010a9ae569c0aefaN.dll
Resource
win7-20240903-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
93caddc66fb953d57f341683a4d14bad0dcf94d18052d266010a9ae569c0aefaN
-
Modifies firewall policy service
-
Sality family
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 4
Disable or Modify System Firewall: 1
Disable or Modify Tools: 3
Modify Registry: 5