General
- Target: 7386b70849e2e7ac8180562db0cab76311052684a95fd4213b6602b283165090N.exe
- Size: 97KB
- Sample: 241225-1kqywsyqgr
- MD5: 82e253a42424ad0a5c31a7e1a9eb9f80
- SHA1: d41af60e4ce2c550a126ed0c6fc390900911c323
- SHA256: 7386b70849e2e7ac8180562db0cab76311052684a95fd4213b6602b283165090
- SHA512: 0c7887c95c2636c39b5882d592d11c301f1d52d803ce79b4da196299baf89260634d970b6429d67f8092618e54752c5d9ba65d70e853ecf97f4b89f77010ccff
- SSDEEP: 1536:L97SmAqtLK1AM4xDwkHGwHZNQqElJK09cZ/bBb9HiCjJKYU5v:BT1K4zGw5kDKBVbHFjEY
Static task: static1
Behavioral task: behavioral1
- Sample: 7386b70849e2e7ac8180562db0cab76311052684a95fd4213b6602b283165090N.exe
- Resource: win7-20241010-en
Malware Config
Extracted family: sality
- http://89.119.67.154/testo5/
- http://kukutrustnet777.info/home.gif
- http://kukutrustnet888.info/home.gif
- http://kukutrustnet987.info/home.gif
Targets
- Target: 7386b70849e2e7ac8180562db0cab76311052684a95fd4213b6602b283165090N.exe
- Size: 97KB
- MD5: 82e253a42424ad0a5c31a7e1a9eb9f80
- SHA1: d41af60e4ce2c550a126ed0c6fc390900911c323
- SHA256: 7386b70849e2e7ac8180562db0cab76311052684a95fd4213b6602b283165090
- SHA512: 0c7887c95c2636c39b5882d592d11c301f1d52d803ce79b4da196299baf89260634d970b6429d67f8092618e54752c5d9ba65d70e853ecf97f4b89f77010ccff
- SSDEEP: 1536:L97SmAqtLK1AM4xDwkHGwHZNQqElJK09cZ/bBb9HiCjJKYU5v:BT1K4zGw5kDKBVbHFjEY

Signatures
- Modifies firewall policy service
- Sality family
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1): Bypass User Account Control (1)
- Create or Modify System Process (1): Windows Service (1)
Defense Evasion
- Abuse Elevation Control Mechanism (1): Bypass User Account Control (1)
- Impair Defenses (4): Disable or Modify System Firewall (1), Disable or Modify Tools (3)
- Modify Registry (5)