General
-
Target
377765e6db9b32b31178abcc12f75be26dc381bc0376466fa92334030bcc00e3.exe
-
Size
483KB
-
Sample
241217-z8961aykgw
-
MD5
2338d9dd5a26364c6ad63ea403f5208d
-
SHA1
22c8fcce2b983ac77a50b2b21e355801173be2cc
-
SHA256
377765e6db9b32b31178abcc12f75be26dc381bc0376466fa92334030bcc00e3
-
SHA512
ba9b56a2a45e05633e326490fef66840fb543875f34375ef29997b91fb6acbda0c2a97ed5096936f63a27aad56ea817e4fc817716f116c7fe5c25f0b30cdae21
-
SSDEEP
12288:7ORXMExJ7REzeA82PYY6ZaHHBQQvJfOAaygfGhfh1auuZrgZDj:7OR8I7WzeA8EYY6ZKhQQvVOAaycGhfhH
Static task
static1
Behavioral task
behavioral1
Sample
377765e6db9b32b31178abcc12f75be26dc381bc0376466fa92334030bcc00e3.exe
Resource
win7-20240729-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
377765e6db9b32b31178abcc12f75be26dc381bc0376466fa92334030bcc00e3.exe
-
Size
483KB
-
MD5
2338d9dd5a26364c6ad63ea403f5208d
-
SHA1
22c8fcce2b983ac77a50b2b21e355801173be2cc
-
SHA256
377765e6db9b32b31178abcc12f75be26dc381bc0376466fa92334030bcc00e3
-
SHA512
ba9b56a2a45e05633e326490fef66840fb543875f34375ef29997b91fb6acbda0c2a97ed5096936f63a27aad56ea817e4fc817716f116c7fe5c25f0b30cdae21
-
SSDEEP
12288:7ORXMExJ7REzeA82PYY6ZaHHBQQvJfOAaygfGhfh1auuZrgZDj:7OR8I7WzeA8EYY6ZKhQQvVOAaycGhfhH
-
Modifies firewall policy service
-
Sality family
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5