General

  • Target

    9c5f2c780494a4cd6aa65cbdb5d4157bd3e32abc0e5db5c05bc86c842b0fed32_NeikiAnalytics.exe

  • Size

    205KB

  • Sample

    240628-rtkzkaxdmm

  • MD5

    8d4c62eafa937f874cdeb1e5ff825f90

  • SHA1

    d28ae5f6327aa9edd0cf4d4ced561e4f2388985d

  • SHA256

    9c5f2c780494a4cd6aa65cbdb5d4157bd3e32abc0e5db5c05bc86c842b0fed32

  • SHA512

    9a7a93cf06380ba94f2f38581ef470cf870bb031558a0e9b2b0a88ec12f2be9918079e5566cd6d3e0f80be7f8dc11fe3e8d05462f270f2bc4a4a5dd996bb6577

  • SSDEEP

    3072:iV7OcWLXhVfpl6aaufL4tdHp4dN0TKva37A/ZHBOP/H61mxRODzGx:Tdpl6aauYHDuW0/Z4P/HUmWDzM

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

    • Target

      9c5f2c780494a4cd6aa65cbdb5d4157bd3e32abc0e5db5c05bc86c842b0fed32_NeikiAnalytics.exe

    • Size

      205KB

    • MD5

      8d4c62eafa937f874cdeb1e5ff825f90

    • SHA1

      d28ae5f6327aa9edd0cf4d4ced561e4f2388985d

    • SHA256

      9c5f2c780494a4cd6aa65cbdb5d4157bd3e32abc0e5db5c05bc86c842b0fed32

    • SHA512

      9a7a93cf06380ba94f2f38581ef470cf870bb031558a0e9b2b0a88ec12f2be9918079e5566cd6d3e0f80be7f8dc11fe3e8d05462f270f2bc4a4a5dd996bb6577

    • SSDEEP

      3072:iV7OcWLXhVfpl6aaufL4tdHp4dN0TKva37A/ZHBOP/H61mxRODzGx:Tdpl6aauYHDuW0/Z4P/HUmWDzM

    Score
    10/10
    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
