sality | e1e07ddd452be5ba8c122ba25d3e133347c37204b7bf6f79ae80ddf9b4eb4d40 | Triage

Sharing

General

Target

JaffaCakes118_78f8c1d63f1c8f5bf77fda85f1810fb0
Size

112KB
Sample

250202-e2dt1axjgk
MD5

78f8c1d63f1c8f5bf77fda85f1810fb0
SHA1

36eab8af578c354ba970a0c8db8e28a1a49926b4
SHA256

e1e07ddd452be5ba8c122ba25d3e133347c37204b7bf6f79ae80ddf9b4eb4d40
SHA512

1bff89a6f237f169a3e2d2522a2e44d8245b6b7183c07e1ea3b7f2453362fd27a5849663af0a73f5d2ba9bb59e051760e053e6324aecdc63d7eb44e9a5706558
SSDEEP

3072:UoTE6LcSj9gQjzk6/yIO3X0VQZNtX2XnMYPrYOF:Lnj9h3k6/iYQv9qMYPxF

Score

10^/10

sality backdoor defense_evasion discovery trojan upx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  JaffaCakes118_78f8c1d63f1c8f5bf77fda85f1810fb0
- Size
  
  112KB
- MD5
  
  78f8c1d63f1c8f5bf77fda85f1810fb0
- SHA1
  
  36eab8af578c354ba970a0c8db8e28a1a49926b4
- SHA256
  
  e1e07ddd452be5ba8c122ba25d3e133347c37204b7bf6f79ae80ddf9b4eb4d40
- SHA512
  
  1bff89a6f237f169a3e2d2522a2e44d8245b6b7183c07e1ea3b7f2453362fd27a5849663af0a73f5d2ba9bb59e051760e053e6324aecdc63d7eb44e9a5706558
- SSDEEP
  
  3072:UoTE6LcSj9gQjzk6/yIO3X0VQZNtX2XnMYPrYOF:Lnj9h3k6/iYQv9qMYPxF
Score

10^/10

discovery sality backdoor defense_evasion trojan upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UAC bypass
  defense_evasion trojan
- Checks whether UAC is enabled
  defense_evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

salitybackdoordefense_evasiondiscoverytrojanupx