General
-
Target
577d8e3991ca41b9ff9ce7fccb0a7d52f2d7c7a3c7eeb300a9bd32ef159e5bf5N.exe
-
Size
4.0MB
-
Sample
241219-lsz47szmaj
-
MD5
a782f712e05deddb53ae0d84f7014e90
-
SHA1
b3248b88e332da444e4769d69101686f298f793a
-
SHA256
577d8e3991ca41b9ff9ce7fccb0a7d52f2d7c7a3c7eeb300a9bd32ef159e5bf5
-
SHA512
d7b3beac3dd31c94a3f7d01c79887399348aaa8116c8c138905892c687087514cc705e9fa50dfcd7de84c35e4df8307f448b5064ee447b54482fc1204579454c
-
SSDEEP
24576:GkliAPwmOqW0qsznh7cUsk826UEF2KrpkL9Tv4RNGazxxa0fho8KWfk9fImEcw8O:DwmVbh3YdrsTwRJzxxaIh/bf0INH8v94
Static task
static1
Behavioral task
behavioral1
Sample
577d8e3991ca41b9ff9ce7fccb0a7d52f2d7c7a3c7eeb300a9bd32ef159e5bf5N.exe
Resource
win7-20241023-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
577d8e3991ca41b9ff9ce7fccb0a7d52f2d7c7a3c7eeb300a9bd32ef159e5bf5N.exe
-
Size
4.0MB
-
MD5
a782f712e05deddb53ae0d84f7014e90
-
SHA1
b3248b88e332da444e4769d69101686f298f793a
-
SHA256
577d8e3991ca41b9ff9ce7fccb0a7d52f2d7c7a3c7eeb300a9bd32ef159e5bf5
-
SHA512
d7b3beac3dd31c94a3f7d01c79887399348aaa8116c8c138905892c687087514cc705e9fa50dfcd7de84c35e4df8307f448b5064ee447b54482fc1204579454c
-
SSDEEP
24576:GkliAPwmOqW0qsznh7cUsk826UEF2KrpkL9Tv4RNGazxxa0fho8KWfk9fImEcw8O:DwmVbh3YdrsTwRJzxxaIh/bf0INH8v94
-
Modifies firewall policy service
-
Sality family
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5