Extracted

• • Target

    a8a5f9f6c7374b76789ffdadd6e91e941fd764e72a41fd714c2b2e9d1bc42d63

  • Size

    1.3MB

  • MD5

    8cd445b6854e28c2b20ce5225846afe3

  • SHA1

    5fe8655f5a95e8955c433bafe01ea7da945d56ef

  • SHA256

    a8a5f9f6c7374b76789ffdadd6e91e941fd764e72a41fd714c2b2e9d1bc42d63

  • SHA512

    92982060d5a9445f800ada943c45b9e34dbcd14a003e688dc0c03be04e8423d0957e2ced26246c3255c7d79b47e678de1727a7511369ed6cb6822cfc08c5790b

  • SSDEEP

    24576:2N9iO2UR2f8hyUd8W0HscgL1wVaNqno10LC6aG7XdTaaGF3Osim1BxF0+UJ:2NOUG8KW0Mj1wTo1tu7XdTzGF3Fim1Bu

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2