General
-
Target
a88d50765a773424d2948b8d3ae76cbd55e04185e61858ab9bdae33d02ecab46
-
Size
681KB
-
Sample
240629-brm35s1aqm
-
MD5
48b01d6b8aa53f9e16aa6e2af278dd93
-
SHA1
a192c2383449a86d4541554886b44c258c914abc
-
SHA256
a88d50765a773424d2948b8d3ae76cbd55e04185e61858ab9bdae33d02ecab46
-
SHA512
f439d15762cfc99fba8023dacbaeab21b9d31084845717b371ef6c97004d8f14da8514f27b2d72c88e47f9338947ec89553f529d08506f73f80b5d260577aaa1
-
SSDEEP
12288:0tpyxhomlpOKPjzavqoBWOmNsaBoPvnTEX0F:yyxhoUIv5Wtsa0vAkF
Static task
static1
Behavioral task
behavioral1
Sample
a88d50765a773424d2948b8d3ae76cbd55e04185e61858ab9bdae33d02ecab46.exe
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1