sality | 02f830dacffb6588afc7ec48b3d54e8117f6bb1e00aee9572f74d3d55bd34946 | Triage

Sharing

General

Target

02f830dacffb6588afc7ec48b3d54e8117f6bb1e00aee9572f74d3d55bd34946
Size

1.8MB
Sample

250404-3lfknawway
MD5

84126a50efd2b6ce703ee2ff9777f97e
SHA1

50da4a583c2a90ea781e4e5953e89a108688b150
SHA256

02f830dacffb6588afc7ec48b3d54e8117f6bb1e00aee9572f74d3d55bd34946
SHA512

9b163a7203600ffe6c7ec1798853c74780119b8512c811dd1d9fbd4995d940dccb1deb1cea42c2d05721d9a227c53c3512563ac49fec0521a48e939516b47854
SSDEEP

49152:W+UrfhixumnGLgj1yzHwnzLt/wwwwsG378E1HuiTGUfU0rp6:W+UrfhRmnT3wE1H6

Score

10^/10

sality backdoor discovery upx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  02f830dacffb6588afc7ec48b3d54e8117f6bb1e00aee9572f74d3d55bd34946
- Size
  
  1.8MB
- MD5
  
  84126a50efd2b6ce703ee2ff9777f97e
- SHA1
  
  50da4a583c2a90ea781e4e5953e89a108688b150
- SHA256
  
  02f830dacffb6588afc7ec48b3d54e8117f6bb1e00aee9572f74d3d55bd34946
- SHA512
  
  9b163a7203600ffe6c7ec1798853c74780119b8512c811dd1d9fbd4995d940dccb1deb1cea42c2d05721d9a227c53c3512563ac49fec0521a48e939516b47854
- SSDEEP
  
  49152:W+UrfhixumnGLgj1yzHwnzLt/wwwwsG378E1HuiTGUfU0rp6:W+UrfhRmnT3wE1H6
Score

10^/10

sality backdoor discovery upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- Sality family
  sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

salitybackdoordiscoveryupx