Extracted

• • Target

    4cbeee63a4ea0173ac1c344e29f41611fb7997d10ed883644eaf43e3954f2843

  • Size

    899KB

  • MD5

    10638ee7cb0f294505d92cbaa4191080

  • SHA1

    373d0cca12ede7fa582c12fa571945d07f5ba783

  • SHA256

    4cbeee63a4ea0173ac1c344e29f41611fb7997d10ed883644eaf43e3954f2843

  • SHA512

    dff8fd6a7558a8cac57821f8cd7bf5ae7c66da3bad1e506c812a8bb009e6b002574146cc8c4a7f26264673cbc0ba85cb3415afc62f886c2f00a36360ea51634f

  • SSDEEP

    24576:crdSlH9I4Ldm7hp1un//SjeBIqDtlfKXBMqzT21ndGkC3:cK0JufB3BazTPkC3

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2