Overview

overview

10

Static

static

3

d0a8acebfd...18.exe

windows7-x64

10

d0a8acebfd...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d0a8acebfd711962518e1e9e1c4ac50f_JaffaCakes118

  • Size

    863KB

  • Sample

    241207-e4ty1askdl

  • MD5

    d0a8acebfd711962518e1e9e1c4ac50f

  • SHA1

    66ae25f769d745d2a18f961192e4aec27856844c

  • SHA256

    9915ccf200db0cabfbda4d31f8a6f631ce028fe7ae614d7662cb8299e9d60512

  • SHA512

    e1464bf918b8620814c933ef115a2b08ae28de96d8e0070c572ca78387fb2a86c64a3eec31c54ce62d57d6c9d135e82ee52bc7f1763a27094bbf4ba511e627ba

  • SSDEEP

    12288:I2/P6XhbThRZxdL6FZnuThjUD2/QziqnJgqBxT84Mk55vwSj0N98e2FSAyueuhGu:I2/StpxNJUecJ9rLMk5CXZaSiMWl

Score
10/10
salitybackdoordiscoveryupx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

    • Target

      d0a8acebfd711962518e1e9e1c4ac50f_JaffaCakes118

    • Size

      863KB

    • MD5

      d0a8acebfd711962518e1e9e1c4ac50f

    • SHA1

      66ae25f769d745d2a18f961192e4aec27856844c

    • SHA256

      9915ccf200db0cabfbda4d31f8a6f631ce028fe7ae614d7662cb8299e9d60512

    • SHA512

      e1464bf918b8620814c933ef115a2b08ae28de96d8e0070c572ca78387fb2a86c64a3eec31c54ce62d57d6c9d135e82ee52bc7f1763a27094bbf4ba511e627ba

    • SSDEEP

      12288:I2/P6XhbThRZxdL6FZnuThjUD2/QziqnJgqBxT84Mk55vwSj0N98e2FSAyueuhGu:I2/StpxNJUecJ9rLMk5CXZaSiMWl

    Score
    10/10
    salitybackdoordiscoveryupx

    • Sality

      Sality is backdoor written in C++, first discovered in 2003.

      backdoorsality

    • Sality family

      sality

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks