General
Target: 8d3d65625145604e06fa4e9c03701968316c2cb64927797960caa1abd1ae6659
Size: 270KB
Sample: 241217-28a31stkhm
MD5: f5552d2a3d4ed5c807a8a1bc0b064a02
SHA1: fa50adc26460a94948c52200185f3194475f5edd
SHA256: 8d3d65625145604e06fa4e9c03701968316c2cb64927797960caa1abd1ae6659
SHA512: b0f60798961eae6c341160d6df49c3729c346272100af7908b32899e1eaeb07b2a7054f7dc17c3f1e449a730e71a9c644df5dce64907f8dc906d3deb44a17432
SSDEEP: 6144:AIZTK/5JUBjUJvMqK4/B4nkZFXJ1sszbekc7yfYnM9X6Ebix:AIxKhqpUo4/BK0Fos+ZOt9Xjbq
Static task: static1
Behavioral task: behavioral1
Sample: 8d3d65625145604e06fa4e9c03701968316c2cb64927797960caa1abd1ae6659.exe
Resource: win7-20241010-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Modifies firewall policy service
Sality family
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 4
Disable or Modify System Firewall: 1
Disable or Modify Tools: 3
Modify Registry: 5