Extracted

• • Target

    fe3c1e5a1eb212c894b79f0d7a62a2954097df8afc9e5d86bbc9f8d4996b8a06

  • Size

    156KB

  • MD5

    0dab91e956a5a66f96c85d0d489b2530

  • SHA1

    9a5f5164c2e3ab017761bdc4e358568bc4a7f61b

  • SHA256

    fe3c1e5a1eb212c894b79f0d7a62a2954097df8afc9e5d86bbc9f8d4996b8a06

  • SHA512

    fef92278928cc0487e0b7cbcba299035e9d74a3e691fe728dc61fdfa39b30bf6f9e714b3b58bcca76df2f63d81b6433b81267070ef2df902fbdf48dc72b8f9eb

  • SSDEEP

    3072:koLu3RfcLEbgoz/m/9ms1i0xubKlGUhLg9il7vFFO:koEcgbQ9xnlG6L5jFFO

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2