Extracted

• • Target

    2142f2c3a330bdexeexeexeex.exe

  • Size

    2.3MB

  • MD5

    2142f2c3a330bd74fb65defe2cf67479

  • SHA1

    ed68a0d92c85f767085b0f8edf8132c78c8c0fac

  • SHA256

    5fa8301eecc2703a31d25983258bbc2591976d5a9159f5286904ad53c6ae74ec

  • SHA512

    fa949b2c6566b9c4fb66d3a8a1146e24614ca6ef49f33e3123411374ef693a1b8b69020a09c10d90258e0eab117d9396a4b3cb04584dd9e17844ab1040ebfddd

  • SSDEEP

    49152:ELlxExO753ZS29JmApY+JmbeePlvwCJJrioSK8eeCNUm3uRRvIy7LjviD9hP1u:ELlMO7vS2/BY+JWeGlvwCJJeoCmcRvIu

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2