General

  • Target

    JaffaCakes118_9a9bf0771df39862888e839145396b40

  • Size

    201KB

  • Sample

    250405-p2p75swxdv

  • MD5

    9a9bf0771df39862888e839145396b40

  • SHA1

    92c563c6fd2c14a0d8c0592f4a98e16a46c55b7b

  • SHA256

    6382fbb3dd94c759a78b99c341aee6f95149e2f3cc1235b48c201f0e4caaccb8

  • SHA512

    ab7619d5697c51601aef953d9cd6102ea587c23c1b65f86109bafab4b01484f66a8aa0b5b07002ed7860d9c044226e1fb992f28ea8b76ecfb1e83edab43ee52e

  • SSDEEP

    3072:tWeUxgOV/Pgpvc+T7ci4nKSCi18jT8Cy/:geygUXguvnKg

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • Sality family

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks