General
-
Target
18322494bd42b15d074744776b9b14ac11ba8ec3a879c1801ce01e1fc3221ee3
-
Size
1.2MB
-
Sample
241213-h2j8ka1rgt
-
MD5
36e39c7a771051b2095b026b0772d89d
-
SHA1
749a8fb1beb0d9d4bff375ae6ed1ce0b3e926080
-
SHA256
18322494bd42b15d074744776b9b14ac11ba8ec3a879c1801ce01e1fc3221ee3
-
SHA512
c2daf87252252a341d22b47e6cc81a63a3ffaf7111b04ee059ce7ab4a6f810215e866f884ca468a50556ec658cc9fc27cc557e28e249fca8f39f2b1feda630aa
-
SSDEEP
24576:LiKMkLtX0AjXjwywjZ17ZypnsTYPK3NYL9Lj8y9/1AqufJje:nBhGTks0iA9HD9/1ZCC
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
18322494bd42b15d074744776b9b14ac11ba8ec3a879c1801ce01e1fc3221ee3
-
Size
1.2MB
-
MD5
36e39c7a771051b2095b026b0772d89d
-
SHA1
749a8fb1beb0d9d4bff375ae6ed1ce0b3e926080
-
SHA256
18322494bd42b15d074744776b9b14ac11ba8ec3a879c1801ce01e1fc3221ee3
-
SHA512
c2daf87252252a341d22b47e6cc81a63a3ffaf7111b04ee059ce7ab4a6f810215e866f884ca468a50556ec658cc9fc27cc557e28e249fca8f39f2b1feda630aa
-
SSDEEP
24576:LiKMkLtX0AjXjwywjZ17ZypnsTYPK3NYL9Lj8y9/1AqufJje:nBhGTks0iA9HD9/1ZCC
Score10/10-
Modifies firewall policy service
-
Sality
Sality is backdoor written in C++, first discovered in 2003.
-
Sality family
-
UAC bypass
-
Windows security bypass
-
Windows security modification
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5Pre-OS Boot
1Bootkit
1