Extracted

• • Target

    2a51958be6450ff8fe425535122ff1f4ae397726f5d45c4919e4f60f96811d12

  • Size

    520KB

  • MD5

    0050fa04e0c92b199a899a76d6ff9a50

  • SHA1

    094280b863760030b339fa58d243ab5251eb70fc

  • SHA256

    2a51958be6450ff8fe425535122ff1f4ae397726f5d45c4919e4f60f96811d12

  • SHA512

    9ecdb0bd14a1363a6941c0d4e617e55d9917d5280e4d8bbcc3d8959e1ee420a75054db1efe048a3db7260bc1e4bd148956de303da6fdbe4836539addf7d71da3

  • SSDEEP

    12288:BohjbbHOY5c9CsDrgMLi7uf8rY8h9UQSjEHFWvs6:Boh/bHOY5c9CsHMuf8h9GQ76

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2