General
-
Target
0bde688b29f61359035ed50d47321ce147c1de189700aafe66f4b4661f2de505N.exe
-
Size
655KB
-
Sample
241219-l9pd2aznez
-
MD5
56ed508215118c71f2949db070e60ef0
-
SHA1
d10ead22285b616a0b81d2578dce4e4dcf2396c4
-
SHA256
0bde688b29f61359035ed50d47321ce147c1de189700aafe66f4b4661f2de505
-
SHA512
1bf468f2df2107c1e76befd1bec9788b99155fbc040f0b68bcd11ec9c91e16c9dfab04451834c37d15ae7372dbbeb74926b0d5be8d35237979d9351ee2a2a38e
-
SSDEEP
12288:hGdfJDRM8SmKrBh69VpmSi6AxOzaO9TsnD98A7xH5zbgbWlIzkJ:gdhDRYmKi9XiZYzZ9TSD9J7xH5zsbWlJ
Static task
static1
Behavioral task
behavioral1
Sample
0bde688b29f61359035ed50d47321ce147c1de189700aafe66f4b4661f2de505N.exe
Resource
win7-20240903-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
0bde688b29f61359035ed50d47321ce147c1de189700aafe66f4b4661f2de505N.exe
-
Size
655KB
-
MD5
56ed508215118c71f2949db070e60ef0
-
SHA1
d10ead22285b616a0b81d2578dce4e4dcf2396c4
-
SHA256
0bde688b29f61359035ed50d47321ce147c1de189700aafe66f4b4661f2de505
-
SHA512
1bf468f2df2107c1e76befd1bec9788b99155fbc040f0b68bcd11ec9c91e16c9dfab04451834c37d15ae7372dbbeb74926b0d5be8d35237979d9351ee2a2a38e
-
SSDEEP
12288:hGdfJDRM8SmKrBh69VpmSi6AxOzaO9TsnD98A7xH5zbgbWlIzkJ:gdhDRYmKi9XiZYzZ9TSD9J7xH5zsbWlJ
-
Modifies firewall policy service
-
Sality family
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5