Extracted

• • Target

    NEAS.22be58c51040677c9a98fbfd6cd9f840.exe

  • Size

    65KB

  • MD5

    22be58c51040677c9a98fbfd6cd9f840

  • SHA1

    35f8368c052f5d96e0b16e7b82772971136c0e0b

  • SHA256

    f7749d520bf40c8b62b336d2d552c7b7c869d9f0f187f1ac44410d3d648da2d8

  • SHA512

    5c326a6367cff1989ea8430933d68f5598c5505c115d6234c9d77c46150e34629a7ad8b6a1caf22600eda4910c48a5383d8686149dae35ac89067ec252a93d41

  • SSDEEP

    1536:lP78jQNgNNg0fjNu4AY4eyFgIpYVyT2LPos:lPjgngUkSYjT2cs

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2