sality

General

Target

788e473e0a12b0cc4a3cad1b96645f18b4a8440d1cba073c40515af71190fa2d
Size

125KB
Sample

241215-se8yhsxpes
MD5

b6c4e1f499205fcaa35a274bfdbf2b16
SHA1

22c409d4665284d8e2a57b5e670de60977d7e601
SHA256

788e473e0a12b0cc4a3cad1b96645f18b4a8440d1cba073c40515af71190fa2d
SHA512

5c778036845cb16e8c77cf81601775ecaa6abd4201d86ff6c015375f55344e171b2e104f951558e542472de066c0a1c7be5ee4b11cccab4b98f5cb7cdf2842bf
SSDEEP

3072:tg9xG/YToQocenrC9jBR1IcGprVjc115zbdXNdbo:29ypLC5cp2194

Score

10^/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  788e473e0a12b0cc4a3cad1b96645f18b4a8440d1cba073c40515af71190fa2d
- Size
  
  125KB
- MD5
  
  b6c4e1f499205fcaa35a274bfdbf2b16
- SHA1
  
  22c409d4665284d8e2a57b5e670de60977d7e601
- SHA256
  
  788e473e0a12b0cc4a3cad1b96645f18b4a8440d1cba073c40515af71190fa2d
- SHA512
  
  5c778036845cb16e8c77cf81601775ecaa6abd4201d86ff6c015375f55344e171b2e104f951558e542472de066c0a1c7be5ee4b11cccab4b98f5cb7cdf2842bf
- SSDEEP
  
  3072:tg9xG/YToQocenrC9jBR1IcGprVjc115zbdXNdbo:29ypLC5cp2194
Score

10^/10

sality backdoor discovery upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Sality family

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2