General
Target: e563372e5699b4ae5112b7359cbd7491b253c3871e2ec73195f39eec0b939d87
Size: 974KB
Sample: 240630-x7rl6atbke
MD5: 8a5f8a7a27d26609392a9b00eddaa6de
SHA1: 4249a6a8365f0829d7a8331ae496984d5fe34869
SHA256: e563372e5699b4ae5112b7359cbd7491b253c3871e2ec73195f39eec0b939d87
SHA512: 1ae8d2dc069890f0525b2c1b608674b9c4f5bde4c25ef84e55ba530d41b56514b12d3a5e8b69093b3da496c51faa873ef5e14bfcbf9ecfcfc3341a1aef4ec91a
SSDEEP: 24576:lD1y0fHcTnUUc7/WUSKe8mqj0auXS64ae7eEOcxwY96:+0dbuE0a763e7HOxh
Static task: static1
Behavioral task: behavioral1
Sample: e563372e5699b4ae5112b7359cbd7491b253c3871e2ec73195f39eec0b939d87.exe
Resource: win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: e563372e5699b4ae5112b7359cbd7491b253c3871e2ec73195f39eec0b939d87
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process: 1
  Windows Service: 1
Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
  Disable or Modify Tools: 3
  Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1