General
-
Target
dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6
-
Size
612KB
-
Sample
240630-x5ejtawfrj
-
MD5
da4ed8321c53d9b4e161a930eb1d3e1c
-
SHA1
5f5aa7df3ce20d76b77925752ab6be24d9502b12
-
SHA256
dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6
-
SHA512
ca9c4e4b1d2a0b951c507c45aee02083041975fc2c45b8178028d570b33f9979251ac5d1d74697c2bfa5a4d32f5e58b894d6f9322cd287098ad35df8f5360fef
-
SSDEEP
12288:wijxRW6eWZ/J0jFomeUkyej14X0Wulmw9F:ZPeWZaFFeUHFX0WuMw9F
Static task
static1
Behavioral task
behavioral1
Sample
dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6.exe
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process 1
Windows Service 1
Abuse Elevation Control Mechanism 1
Bypass User Account Control 1
Defense Evasion
Modify Registry 5
Impair Defenses 4
Disable or Modify Tools 3
Disable or Modify System Firewall 1
Abuse Elevation Control Mechanism 1
Bypass User Account Control 1