sality

General

Target

JaffaCakes118_5e9c0f1924e37ef206d779d784ab12cd
Size

125KB
Sample

250130-ep46esxler
MD5

5e9c0f1924e37ef206d779d784ab12cd
SHA1

83454abd65790b23e20384530f8a0fbc59da11d4
SHA256

5aa29e3f296797e8908613d6164ca163cea76fdac68d65c5099a3813e0d98729
SHA512

4f69842a88f5ec70b36b2db216be7f5fae06918bc589a482d8cdb810faa96375408f7d3b2b58e8d8f1cc5fe91f8e4bedfeb79887c7362bdaa5b1c06e7227edfb
SSDEEP

1536:e3PoyymBI4UVVppo5AeQ+Ott1TXMLY4iIg5F5RaL4sBNAt/DYo80Lnr8AE1+N:65640npo5AeQ3/1TcU4iIyPej0OcFU

Score

10^/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  JaffaCakes118_5e9c0f1924e37ef206d779d784ab12cd
- Size
  
  125KB
- MD5
  
  5e9c0f1924e37ef206d779d784ab12cd
- SHA1
  
  83454abd65790b23e20384530f8a0fbc59da11d4
- SHA256
  
  5aa29e3f296797e8908613d6164ca163cea76fdac68d65c5099a3813e0d98729
- SHA512
  
  4f69842a88f5ec70b36b2db216be7f5fae06918bc589a482d8cdb810faa96375408f7d3b2b58e8d8f1cc5fe91f8e4bedfeb79887c7362bdaa5b1c06e7227edfb
- SSDEEP
  
  1536:e3PoyymBI4UVVppo5AeQ+Ott1TXMLY4iIg5F5RaL4sBNAt/DYo80Lnr8AE1+N:65640npo5AeQ3/1TcU4iIyPej0OcFU
Score

10^/10

discovery sality backdoor upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Sality family

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2