General
-
Target
33e191b6d740670bbe3c8adbfe5ad4d6407a2b4df6a0c0c44ffa09adfe92ac03N.exe
-
Size
232KB
-
Sample
241219-nb4r6ssjfs
-
MD5
7fdfbf18f3e1431ffd2704cd5c8eaae0
-
SHA1
1fc2c1eb7a386850a8e5870d05be4a783d9c5a57
-
SHA256
33e191b6d740670bbe3c8adbfe5ad4d6407a2b4df6a0c0c44ffa09adfe92ac03
-
SHA512
60e6871b26b8878d7cbaaa7f0dc8250ec0ebb8baf3e2257d3a8f20dfae5c5c061f69abc3febb03a5130e0cd5ba0efcf03b75136c11e44b3f2d0945083f79a43b
-
SSDEEP
6144:Iwf4+0byL/GXFMuQU1U+HCAKpOVlivJWD:Iwf4+0byTqBCAK0We
Static task
static1
Behavioral task
behavioral1
Sample
33e191b6d740670bbe3c8adbfe5ad4d6407a2b4df6a0c0c44ffa09adfe92ac03N.exe
Resource
win7-20240708-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
33e191b6d740670bbe3c8adbfe5ad4d6407a2b4df6a0c0c44ffa09adfe92ac03N.exe
-
Size
232KB
-
MD5
7fdfbf18f3e1431ffd2704cd5c8eaae0
-
SHA1
1fc2c1eb7a386850a8e5870d05be4a783d9c5a57
-
SHA256
33e191b6d740670bbe3c8adbfe5ad4d6407a2b4df6a0c0c44ffa09adfe92ac03
-
SHA512
60e6871b26b8878d7cbaaa7f0dc8250ec0ebb8baf3e2257d3a8f20dfae5c5c061f69abc3febb03a5130e0cd5ba0efcf03b75136c11e44b3f2d0945083f79a43b
-
SSDEEP
6144:Iwf4+0byL/GXFMuQU1U+HCAKpOVlivJWD:Iwf4+0byTqBCAK0We
-
Modifies firewall policy service
-
Sality family
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5