sality

General

Target

7985ee29990633eae8fc0675cea16944d5a01a7ee70f13f6dff4a8855e7d0453
Size

1.9MB
Sample

241227-3gatls1rgv
MD5

c13bd0ed2758b4493fcdd3c726b141ad
SHA1

44fc639689ca8f76b8ede0e4ab47d94d23facbb6
SHA256

7985ee29990633eae8fc0675cea16944d5a01a7ee70f13f6dff4a8855e7d0453
SHA512

a1029f4268a847afc7086f43ee58b74a96ad049d8a185a51cad324580f7ae26b9b6b28f47ef2c2f1c5aa9d0bb8f23147a8fb23d03c0a76af0c1d7ccb7e1e68f2
SSDEEP

24576:w8h4aPlfTUYDrQOfseBC1+ZnoBzEgY5cfPtQE3WV9UKk0mKiKSqSWLaPgIze7m2P:w1U9T8ZDYWntr3WVar4I3VGiAwOf

Score

10^/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

- Target
  
  7985ee29990633eae8fc0675cea16944d5a01a7ee70f13f6dff4a8855e7d0453
- Size
  
  1.9MB
- MD5
  
  c13bd0ed2758b4493fcdd3c726b141ad
- SHA1
  
  44fc639689ca8f76b8ede0e4ab47d94d23facbb6
- SHA256
  
  7985ee29990633eae8fc0675cea16944d5a01a7ee70f13f6dff4a8855e7d0453
- SHA512
  
  a1029f4268a847afc7086f43ee58b74a96ad049d8a185a51cad324580f7ae26b9b6b28f47ef2c2f1c5aa9d0bb8f23147a8fb23d03c0a76af0c1d7ccb7e1e68f2
- SSDEEP
  
  24576:w8h4aPlfTUYDrQOfseBC1+ZnoBzEgY5cfPtQE3WV9UKk0mKiKSqSWLaPgIze7m2P:w1U9T8ZDYWntr3WVar4I3VGiAwOf
Score

10^/10

sality backdoor upx discovery
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Sality family

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2