sality

General

Target

903a782c3bbf15cc413b5a9c0f3376e894045a66afc24e3dd7c42240f7874893
Size

1.1MB
Sample

241227-s6vvzawqgw
MD5

031c4b6ca868b247e91faa7c0be55c2f
SHA1

7257371cf76ab4c4f84d568e27582b918467e004
SHA256

903a782c3bbf15cc413b5a9c0f3376e894045a66afc24e3dd7c42240f7874893
SHA512

145f31239b869d4bb615f2a7b71614b1be297fefdcb9d0ed95edab99ce2458d4a63b885373df212b7d033cb119c484ebfb5a6ba24dec02849834cce126fb1651
SSDEEP

24576:FqIIfZ31W+BzDevrryVHYVGpYCkguc7ZBCk8aR76piD1:FqIIdBsrSGGptHuc7ZBCTaR76piD1

Score

10^/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  903a782c3bbf15cc413b5a9c0f3376e894045a66afc24e3dd7c42240f7874893
- Size
  
  1.1MB
- MD5
  
  031c4b6ca868b247e91faa7c0be55c2f
- SHA1
  
  7257371cf76ab4c4f84d568e27582b918467e004
- SHA256
  
  903a782c3bbf15cc413b5a9c0f3376e894045a66afc24e3dd7c42240f7874893
- SHA512
  
  145f31239b869d4bb615f2a7b71614b1be297fefdcb9d0ed95edab99ce2458d4a63b885373df212b7d033cb119c484ebfb5a6ba24dec02849834cce126fb1651
- SSDEEP
  
  24576:FqIIfZ31W+BzDevrryVHYVGpYCkguc7ZBCk8aR76piD1:FqIIdBsrSGGptHuc7ZBCTaR76piD1
Score

10^/10

discovery sality backdoor upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Sality family

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2