Extracted

• • Target

    979735bba7cbc0c8aeb43f3c16d405f17b10333f83fdadc36be34b344144faf4

  • Size

    168KB

  • MD5

    a404afec8d277514890743db342e3a89

  • SHA1

    57700435aaf64c831bb720f542e4715e79568d6f

  • SHA256

    979735bba7cbc0c8aeb43f3c16d405f17b10333f83fdadc36be34b344144faf4

  • SHA512

    3ed4d42f2c94f0f7096b75ca714b499fa1d81696ba9ac606e5f8bc3bfd63f42df77cc7facccb21a4d432f67ca21a88eec68096b9d8067ddffd3b3c19e79d0989

  • SSDEEP

    3072:ANQKPWDyBReVJltZrpRMm1EHF0QWildS+M2jX2AD9uw:ANSDyBRcthp4HFD/d1/jXP9

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Disables RegEdit via registry modification

    evasion

  • Disables Task Manager via registry modification

    evasion

  • Modifies Windows Firewall

    evasion

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2