General

  • Target

    41f69a3a3b93d4ec38f3a4ad0244dabba533b44f069c3432f7dd2d5ec68c5812

  • Size

    4.8MB

  • Sample

    241222-v9nbeavmfm

  • MD5

    392964952a8c2271cb997e54908c4587

  • SHA1

    13ac83179ea8d9db3662f6c073d9038f987ef45a

  • SHA256

    41f69a3a3b93d4ec38f3a4ad0244dabba533b44f069c3432f7dd2d5ec68c5812

  • SHA512

    19f7e9c839871681d597a4cd5b8e6f842909879ecc828243fc3c13ae59cc2e1a8afc858eb871e3b218d746d46a49814801eba9ad2d5af1af5f8317402d2ba136

  • SSDEEP

    24576:0gvAyBFEEW/mixfuKPTmasMSCf0dfC+zNb9TsRX9Pu3mmGld6oKZmMP+g9/Vr39T:jA40xFPsMSewfCONBTgG3mmhHmMP+gV

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • Sality family

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks