Extracted

• • Target

    8f8499de8a74a119911b7e28bd7ff58d37ecfde59282d9e23783fe05a1127ec4

  • Size

    949KB

  • MD5

    09a52d6c15bd3aeb5774a204bb052860

  • SHA1

    b80368304eb5887ce0bbd5d7e4933ee5f3e63461

  • SHA256

    8f8499de8a74a119911b7e28bd7ff58d37ecfde59282d9e23783fe05a1127ec4

  • SHA512

    c73efbf6fe3accfc3bb7eb59af64ac1830619c6b7d93509c072d17a77b44c46992394b234d450161cdff92426aeb5490ae5fca44d7e7f7939f9e0cffa74ea31d

  • SSDEEP

    12288:QIzllvEWRcUb6R9oHbB4sFxoNaUHD295lOMA9+paP0gSLgRygKsC2cG8Y:QIzlP1Y9oUaUj29evQps0gSsIgKsANY

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2