General
-
Target
7d7357d73f0251a2b3cb8cb6534855fa7bb9648474bd96889d1b89bbe11b4c35
-
Size
733KB
-
Sample
241230-r6ggxaxnhm
-
MD5
e0b6e77863029d2780d5d1836153097e
-
SHA1
f7347bfe3e6652a60d6209f23d87474ddd5a6198
-
SHA256
7d7357d73f0251a2b3cb8cb6534855fa7bb9648474bd96889d1b89bbe11b4c35
-
SHA512
5ff95db61bd38c1750b82352500145a3c66b4d363a6bcd02e4fb196c5d84df0ce27d94ded937c608a19b3487b4be42139ae9ab4acd2ad751925dfbd416aba461
-
SSDEEP
12288:i5KzZhiQdGIQSYDmo4/3meBqNKy9AGZqpMvJZT3qtZF3NRqn6lsTsK/wbqHbmATt:oKzZh2IJWGqNAGZqpMjT3I3z+6lsTnoC
Static task
static1
Behavioral task
behavioral1
Sample
7d7357d73f0251a2b3cb8cb6534855fa7bb9648474bd96889d1b89bbe11b4c35.exe
Resource
win7-20240729-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
7d7357d73f0251a2b3cb8cb6534855fa7bb9648474bd96889d1b89bbe11b4c35
-
Modifies firewall policy service
-
Sality family
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 4
Disable or Modify System Firewall: 1
Disable or Modify Tools: 3
Modify Registry: 5