General
-
Target
9ee5c293fac6b2ffe814f7f1ed5ab2e5bfc6aaf08743fd511d287be4acbd7459N.exe
-
Size
5.0MB
-
Sample
241219-acxtcsynbq
-
MD5
d33d518c6c805441b419c70412a97b60
-
SHA1
3daf435e9efc960a4af1938feb213b59ae62635b
-
SHA256
9ee5c293fac6b2ffe814f7f1ed5ab2e5bfc6aaf08743fd511d287be4acbd7459
-
SHA512
9a4add731a1d0fd00c13b7a1bf82c5f19e3378b7fe70dae03c71eb89be470751034b7fbc39fff3bef14efd0a61aed836db37a4363187010f837c187e02cda89e
-
SSDEEP
98304:gqTQ5IvXDChYELUJkTWV+r6zT0o4f1TzGOnfFbAhNNSWwyvYKM8m:RTQ5IvXDCOMU+TZ6zgPbAhNmyvYl
Static task
static1
Behavioral task
behavioral1
Sample
9ee5c293fac6b2ffe814f7f1ed5ab2e5bfc6aaf08743fd511d287be4acbd7459N.exe
Resource
win7-20240729-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
9ee5c293fac6b2ffe814f7f1ed5ab2e5bfc6aaf08743fd511d287be4acbd7459N.exe
-
Size
5.0MB
-
MD5
d33d518c6c805441b419c70412a97b60
-
SHA1
3daf435e9efc960a4af1938feb213b59ae62635b
-
SHA256
9ee5c293fac6b2ffe814f7f1ed5ab2e5bfc6aaf08743fd511d287be4acbd7459
-
SHA512
9a4add731a1d0fd00c13b7a1bf82c5f19e3378b7fe70dae03c71eb89be470751034b7fbc39fff3bef14efd0a61aed836db37a4363187010f837c187e02cda89e
-
SSDEEP
98304:gqTQ5IvXDChYELUJkTWV+r6zT0o4f1TzGOnfFbAhNNSWwyvYKM8m:RTQ5IvXDCOMU+TZ6zgPbAhNmyvYl
-
Modifies firewall policy service
-
Sality family
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5