sality

General

Target

bb74e82c60ba3f0b2723ec98844fb06ebcd08f022144a9619d328460e74c8418
Size

397KB
Sample

241213-gy63gszrav
MD5

35bb1c1833daa10b7103d7bdfb3fedf5
SHA1

14b8577e12a097994465569930a6c905f8a74d71
SHA256

bb74e82c60ba3f0b2723ec98844fb06ebcd08f022144a9619d328460e74c8418
SHA512

36eb7ea412daf08902d6fb26d9cc32488f9a62bd600b2563473492ed587588fef46baecfa61bbe3f0064f4fd3520b3e9039768cd1f7ba458cbc10b4dcacd68bf
SSDEEP

12288:MdqzD/U2qLyYFse4ifaSbbg64eSHAbn5TN:MdFKe4eHj4xgN

Score

10^/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  bb74e82c60ba3f0b2723ec98844fb06ebcd08f022144a9619d328460e74c8418
- Size
  
  397KB
- MD5
  
  35bb1c1833daa10b7103d7bdfb3fedf5
- SHA1
  
  14b8577e12a097994465569930a6c905f8a74d71
- SHA256
  
  bb74e82c60ba3f0b2723ec98844fb06ebcd08f022144a9619d328460e74c8418
- SHA512
  
  36eb7ea412daf08902d6fb26d9cc32488f9a62bd600b2563473492ed587588fef46baecfa61bbe3f0064f4fd3520b3e9039768cd1f7ba458cbc10b4dcacd68bf
- SSDEEP
  
  12288:MdqzD/U2qLyYFse4ifaSbbg64eSHAbn5TN:MdFKe4eHj4xgN
Score

10^/10

sality backdoor discovery upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Sality family

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2