sality | 0f435ab27e8553cfe857b6e42388ba04e8e893bfac09c889e547ba6f7b038e3f | Triage

Sharing

General

Target

2025-03-30_ac7daf491a3c328440a6a45854059f90_black-basta_cobalt-strike_hijackloader_luca-stealer
Size

982KB
Sample

250330-h3a2aavmz9
MD5

ac7daf491a3c328440a6a45854059f90
SHA1

eaeed434e281c527111977bbecdfd21c017edd55
SHA256

0f435ab27e8553cfe857b6e42388ba04e8e893bfac09c889e547ba6f7b038e3f
SHA512

3b5253287993a51a2734b381070d150ba10e4a02e8dfa3b696a561f172514321d01436548ecd59eba3322819689e55ab54421e2a02d57473395ced6a4b139f09
SSDEEP

12288:EFm7VGWt0kcG70wgZZwoNDkf/NcoInWKO6zmmHJtwHIRBJfsPcZmsY8wZq3le2sd:B7oE0i70xzExjmpDJ4cZmsY8wWsd

Score

10^/10

sality backdoor defense_evasion discovery trojan upx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  2025-03-30_ac7daf491a3c328440a6a45854059f90_black-basta_cobalt-strike_hijackloader_luca-stealer
- Size
  
  982KB
- MD5
  
  ac7daf491a3c328440a6a45854059f90
- SHA1
  
  eaeed434e281c527111977bbecdfd21c017edd55
- SHA256
  
  0f435ab27e8553cfe857b6e42388ba04e8e893bfac09c889e547ba6f7b038e3f
- SHA512
  
  3b5253287993a51a2734b381070d150ba10e4a02e8dfa3b696a561f172514321d01436548ecd59eba3322819689e55ab54421e2a02d57473395ced6a4b139f09
- SSDEEP
  
  12288:EFm7VGWt0kcG70wgZZwoNDkf/NcoInWKO6zmmHJtwHIRBJfsPcZmsY8wZq3le2sd:B7oE0i70xzExjmpDJ4cZmsY8wWsd
Score

10^/10

discovery sality backdoor defense_evasion trojan upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- Windows security bypass
  defense_evasion trojan
- Windows security modification
  defense_evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

salitybackdoordefense_evasiondiscoverytrojanupx