Extracted

• • Target

    52623a951c986d6cc011f1ea53d9ef28

  • Size

    96KB

  • MD5

    52623a951c986d6cc011f1ea53d9ef28

  • SHA1

    0669b2372baf0f38425629adc0a1e916b8e1173d

  • SHA256

    54c49d3127f5d1dc7add9aac23997032122bd485d6e3272c55006688172aac97

  • SHA512

    d899e8133beaabd76812745c78d36407a617351dacfa83ab3cabd394b266acc7166aef19978aa998bf20962d1efd3c8bc78762b66b0a2f90295231fc59adbb0d

  • SSDEEP

    1536:omQ3s3Fcz6dCwzIs13TM3V4q3rVBuCx0/JS0DtSBwjJ9nLTF0Z:omQ3sVuSCTs13T0dZz6PDdfLT

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2