sality

General

Target

7c72e7a7ed7723a361a8d4685423065391971f019af6be9a7183df8af9ee972d
Size

105KB
Sample

241205-m499zs1pdt
MD5

a5466c12236df89b66f7c9c6151c5574
SHA1

02f690a63b04398a19a76941e91aa9047d75feb4
SHA256

7c72e7a7ed7723a361a8d4685423065391971f019af6be9a7183df8af9ee972d
SHA512

663debdc343b65bd9d2df046b63fa064004e6c1dfc4f56f6c67c8c837e0f10ecea4e5682b8a9bf8c5ff7ac3008e44e7592019d5f82e27aacef508351360d0d14
SSDEEP

3072:DYHBtmhfS1UBztB6FgYUy00+7GcjLvXq8l2:D0BIyUZPGgY/B+7GcjLi3

Score

10^/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  7c72e7a7ed7723a361a8d4685423065391971f019af6be9a7183df8af9ee972d
- Size
  
  105KB
- MD5
  
  a5466c12236df89b66f7c9c6151c5574
- SHA1
  
  02f690a63b04398a19a76941e91aa9047d75feb4
- SHA256
  
  7c72e7a7ed7723a361a8d4685423065391971f019af6be9a7183df8af9ee972d
- SHA512
  
  663debdc343b65bd9d2df046b63fa064004e6c1dfc4f56f6c67c8c837e0f10ecea4e5682b8a9bf8c5ff7ac3008e44e7592019d5f82e27aacef508351360d0d14
- SSDEEP
  
  3072:DYHBtmhfS1UBztB6FgYUy00+7GcjLvXq8l2:D0BIyUZPGgY/B+7GcjLi3
Score

10^/10

sality backdoor discovery upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Sality family

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2