General
-
Target
64fc6b9e49f2ec599b15851b31d2d904a9f55f3e9a6c510ce3d85838c0361d20N.exe
-
Size
97KB
-
Sample
241219-3hmjsstmak
-
MD5
8391f66f9830f6fb52d38dbe4cfda9e0
-
SHA1
5ec0954daf4282eff6d58fa53a84ea80abced59c
-
SHA256
64fc6b9e49f2ec599b15851b31d2d904a9f55f3e9a6c510ce3d85838c0361d20
-
SHA512
f7d113e48cae85b8af6c605d3925effe8de10faf2724009de9856879355dcd99fc2e2755a1c863c3fff55ce64113ed265774598116cda346efdae83926fea17c
-
SSDEEP
1536:hbaTAc0QEb4zd8gIwgzTMw16sE7uRJanWig9BOK8u74O/hDVGDu:Ba8pbM8gIbhFRR58uMO/hDSu
Static task
static1
Behavioral task
behavioral1
Sample
64fc6b9e49f2ec599b15851b31d2d904a9f55f3e9a6c510ce3d85838c0361d20N.exe
Resource
win7-20240903-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
64fc6b9e49f2ec599b15851b31d2d904a9f55f3e9a6c510ce3d85838c0361d20N.exe
-
Size
97KB
-
MD5
8391f66f9830f6fb52d38dbe4cfda9e0
-
SHA1
5ec0954daf4282eff6d58fa53a84ea80abced59c
-
SHA256
64fc6b9e49f2ec599b15851b31d2d904a9f55f3e9a6c510ce3d85838c0361d20
-
SHA512
f7d113e48cae85b8af6c605d3925effe8de10faf2724009de9856879355dcd99fc2e2755a1c863c3fff55ce64113ed265774598116cda346efdae83926fea17c
-
SSDEEP
1536:hbaTAc0QEb4zd8gIwgzTMw16sE7uRJanWig9BOK8u74O/hDVGDu:Ba8pbM8gIbhFRR58uMO/hDSu
-
Modifies firewall policy service
-
Sality family
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5