Overview

overview

10

Static

static

3

e242acc817...18.exe

windows7-x64

3

e242acc817...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e242acc81795abe6f71bba5be30631eb_JaffaCakes118

  • Size

    113KB

  • Sample

    241211-tpecbsvkep

  • MD5

    e242acc81795abe6f71bba5be30631eb

  • SHA1

    ba05ced6e04fd9405ad9eb205ca6fe90dc4a9049

  • SHA256

    e2e994c8f52ca3ea3c910736627c75afcdcde35433d76dc206a5565c3c3f152b

  • SHA512

    b4e87353bde2883ced7916357743632aa1b5129d3ede375bc334973adb391d077ae540bd623ce4f70920ad7648228b5ceeeca725840d8c2757024a8b22900208

  • SSDEEP

    1536:F1pIQo7gtNUkYvLSGb6l6vA4paxw9B7klSypRvD1VJTUKHBpZpigH4C5QMJER/R:zF3tNUkILfvAqaxw9BQ3pN/NVpbRuMuR

Score
10/10
salitybackdoordiscoveryevasiontrojanupx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      e242acc81795abe6f71bba5be30631eb_JaffaCakes118

    • Size

      113KB

    • MD5

      e242acc81795abe6f71bba5be30631eb

    • SHA1

      ba05ced6e04fd9405ad9eb205ca6fe90dc4a9049

    • SHA256

      e2e994c8f52ca3ea3c910736627c75afcdcde35433d76dc206a5565c3c3f152b

    • SHA512

      b4e87353bde2883ced7916357743632aa1b5129d3ede375bc334973adb391d077ae540bd623ce4f70920ad7648228b5ceeeca725840d8c2757024a8b22900208

    • SSDEEP

      1536:F1pIQo7gtNUkYvLSGb6l6vA4paxw9B7klSypRvD1VJTUKHBpZpigH4C5QMJER/R:zF3tNUkILfvAqaxw9BQ3pN/NVpbRuMuR

    Score
    10/10
    discoverysalitybackdoorevasiontrojanupx

    • Sality

      Sality is backdoor written in C++, first discovered in 2003.

      backdoorsality

    • Sality family

      sality

    • UAC bypass

      evasiontrojan

    • Checks whether UAC is enabled

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks