General
Target: 7f7342bb44bc15922d3913bbae3cdffdb213cc48b0e4fbb025f47d538b372a22
Size: 77KB
Sample: 241218-aqws8atrgy
MD5: 96ddbc7fb609443446cd8c782961dcad
SHA1: 5e52beea80a2c3dd33cca3c502e06cabd76e84eb
SHA256: 7f7342bb44bc15922d3913bbae3cdffdb213cc48b0e4fbb025f47d538b372a22
SHA512: 2f5b2278e18a1b3e923c9a9bedde3f8030d78c9355b8d0d029fed63b710c259e2ad461e9b8dce76d3ea216f037c0bfd59e47082d12732345e9be40ebfaf4d3a7
SSDEEP: 1536:pT5wSCldZ644QHZHYB1rLVPSULAjlvbVj7ylwyaCcA7qO/VTMSy7:pT5ifJ4B9LVPxAjrj7ylECcYX/VTMS2
Static task: static1
Behavioral task: behavioral1
Sample: 7f7342bb44bc15922d3913bbae3cdffdb213cc48b0e4fbb025f47d538b372a22.exe
Resource: win7-20241010-en
Malware Config
Extracted: sality
  http://89.119.67.154/testo5/
  http://kukutrustnet777.info/home.gif
  http://kukutrustnet888.info/home.gif
  http://kukutrustnet987.info/home.gif
Targets
Target: 7f7342bb44bc15922d3913bbae3cdffdb213cc48b0e4fbb025f47d538b372a22
- Modifies firewall policy service
- Sality family
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Create or Modify System Process (1)
  - Windows Service (1)
Defense Evasion
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Impair Defenses (4)
  - Disable or Modify System Firewall (1)
  - Disable or Modify Tools (3)
- Modify Registry (5)