General
-
Target
864002315e536661b854caf916935ded11148990dc160834b0a306c73485c955N.exe
-
Size
780KB
-
Sample
241219-bn6q3s1nfp
-
MD5
0c8eccdbefc96776c9d8e219f9832340
-
SHA1
3db01ae1da1854a8ff8513eb4f342a72d274214f
-
SHA256
864002315e536661b854caf916935ded11148990dc160834b0a306c73485c955
-
SHA512
df0c99851c48dd205f0f896e0735ba4564afc0f99eec2d38951f13f689c597fff211e315cf9dc2b19625aab547b3b8df47edc5b8ff2fc2568d3eeaadc6044a7d
-
SSDEEP
24576:F0ZhDa7BatUBFM8su0ZjpXZN0FmEOGpYmh:FwWNFBFM8s9FpXHunh
Static task
static1
Behavioral task
behavioral1
Sample
864002315e536661b854caf916935ded11148990dc160834b0a306c73485c955N.exe
Resource
win7-20241010-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
864002315e536661b854caf916935ded11148990dc160834b0a306c73485c955N.exe
-
Sality family
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (3)
Disable or Modify Tools (3)
Modify Registry (4)