General
-
Target
959cae4be54c7411bbd4bc3c228364fe10530ec93c6935851c4413a80d63396c
-
Size
81KB
-
Sample
241219-aprswazjbq
-
MD5
60d7282c7bff18e91465bfb0546655e4
-
SHA1
2fb36fb01c9651fcd14b6c19244e1ca5fd2afeb1
-
SHA256
959cae4be54c7411bbd4bc3c228364fe10530ec93c6935851c4413a80d63396c
-
SHA512
6ef6c1eab4a95583d889b51e75aa8e83a975e9593f1e89dc2a4f1c19174ed2644a84897b71b7c0ab1b9fc07d6db9861a670b0decd56ca81f7c19bfa40cf3eff0
-
SSDEEP
1536:Ut0IjBp7Z8VNgIQrzjsh5Jtk5Hii53jmxhOvivC3yTcntSaqG91Hut:vUB56aHfQxhTC9tSFG910
Static task
static1
Behavioral task
behavioral1
Sample
959cae4be54c7411bbd4bc3c228364fe10530ec93c6935851c4413a80d63396c.exe
Resource
win7-20241023-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
959cae4be54c7411bbd4bc3c228364fe10530ec93c6935851c4413a80d63396c
-
Size
81KB
-
MD5
60d7282c7bff18e91465bfb0546655e4
-
SHA1
2fb36fb01c9651fcd14b6c19244e1ca5fd2afeb1
-
SHA256
959cae4be54c7411bbd4bc3c228364fe10530ec93c6935851c4413a80d63396c
-
SHA512
6ef6c1eab4a95583d889b51e75aa8e83a975e9593f1e89dc2a4f1c19174ed2644a84897b71b7c0ab1b9fc07d6db9861a670b0decd56ca81f7c19bfa40cf3eff0
-
SSDEEP
1536:Ut0IjBp7Z8VNgIQrzjsh5Jtk5Hii53jmxhOvivC3yTcntSaqG91Hut:vUB56aHfQxhTC9tSFG910
-
Modifies firewall policy service
-
Sality family
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5