sality | d60e716d3c1b6cbf10fba7d9a9f176ac84b8eafc3483ea76bc52c857e1c0a6d3 | Triage

Sharing

General

Target

d60e716d3c1b6cbf10fba7d9a9f176ac84b8eafc3483ea76bc52c857e1c0a6d3N.exe
Size

116KB
Sample

241208-ae4ppaxjaj
MD5

694b6b8d650219ecdb0690e60fc6a8e0
SHA1

a650dd05511d04ffcb671cc3f09ff1dfd10ca0c8
SHA256

d60e716d3c1b6cbf10fba7d9a9f176ac84b8eafc3483ea76bc52c857e1c0a6d3
SHA512

0fd243fde3f3cb430e815f74c877ad2539ccb64d26436155bf575247c185ec231a26c981920b53befb862687feba829103d30da822689dbe4d9468a97a90c360
SSDEEP

3072:sSDADeak7dJHB/A7fwf6B70tYY0O+c7XISFOJ:sSsQLH5A0f6FiYq+as

Score

10^/10

sality backdoor discovery evasion trojan upx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

- Target
  
  d60e716d3c1b6cbf10fba7d9a9f176ac84b8eafc3483ea76bc52c857e1c0a6d3N.exe
- Size
  
  116KB
- MD5
  
  694b6b8d650219ecdb0690e60fc6a8e0
- SHA1
  
  a650dd05511d04ffcb671cc3f09ff1dfd10ca0c8
- SHA256
  
  d60e716d3c1b6cbf10fba7d9a9f176ac84b8eafc3483ea76bc52c857e1c0a6d3
- SHA512
  
  0fd243fde3f3cb430e815f74c877ad2539ccb64d26436155bf575247c185ec231a26c981920b53befb862687feba829103d30da822689dbe4d9468a97a90c360
- SSDEEP
  
  3072:sSDADeak7dJHB/A7fwf6B70tYY0O+c7XISFOJ:sSsQLH5A0f6FiYq+as
Score

10^/10

sality backdoor evasion trojan upx discovery
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- Windows security bypass
  evasion trojan
- Windows security modification
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

salitybackdoorevasiontrojanupx

behavioral2