sality

General

Target

3c2a31fa281d8a686a8125ca814214a3668d783c06fd1d45ad882db20b0fe850N.exe
Size

1021KB
Sample

241208-a6b4rasrhy
MD5

790d867c33b4b28a9d54c85d8ad2c980
SHA1

bff3455fe5071892101cab6c2df868f034c993ff
SHA256

3c2a31fa281d8a686a8125ca814214a3668d783c06fd1d45ad882db20b0fe850
SHA512

7c1bd41b36b00270f3ba2cc65bdf44f041ec2effafbec7093482654b41cf940f52b2a5697e21bc2ee2e20d1a1e2563eb56427da385b53e4a940d33ea3906c853
SSDEEP

24576:Bsc1yQpprv+w6gKrzFI+mLT3Pvm++G2R8:ZGox+yT32++

Score

10^/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  3c2a31fa281d8a686a8125ca814214a3668d783c06fd1d45ad882db20b0fe850N.exe
- Size
  
  1021KB
- MD5
  
  790d867c33b4b28a9d54c85d8ad2c980
- SHA1
  
  bff3455fe5071892101cab6c2df868f034c993ff
- SHA256
  
  3c2a31fa281d8a686a8125ca814214a3668d783c06fd1d45ad882db20b0fe850
- SHA512
  
  7c1bd41b36b00270f3ba2cc65bdf44f041ec2effafbec7093482654b41cf940f52b2a5697e21bc2ee2e20d1a1e2563eb56427da385b53e4a940d33ea3906c853
- SSDEEP
  
  24576:Bsc1yQpprv+w6gKrzFI+mLT3Pvm++G2R8:ZGox+yT32++
Score

10^/10

sality backdoor discovery upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Sality family

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2