Extracted

• • Target

    5a2423cd997f2d9e1df1b99c5160d9b2

  • Size

    136KB

  • MD5

    5a2423cd997f2d9e1df1b99c5160d9b2

  • SHA1

    3450c77c8e81bf1d87e2fc302f5b69abc5dcb2f6

  • SHA256

    eb868b52b10b97108d4cfeb0cdb0c8d00461fb140e0a606419c58c0e249f694c

  • SHA512

    ff562eb0a5506a6bb4b533e241c0430ee8f229cbfd12b222e0dde5447e100170d86e1a9faaf10493b0ee6ba9cb246173060e5059126a3fb380365c88e87ab3e2

  • SSDEEP

    3072:Jz+kVyEtF8RZTrlmfMRDytJXhrimbk92cv:d+kV3bWZT2oq+KkZ

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Disables RegEdit via registry modification

    evasion

  • Disables Task Manager via registry modification

    evasion

  • Modifies Windows Firewall

    evasion

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2