Extracted

• • Target

    0fb4afabf6d14272463f9bbb1162af40_NeikiAnalytics

  • Size

    88KB

  • MD5

    0fb4afabf6d14272463f9bbb1162af40

  • SHA1

    2ab4ada95ee3dfeb9b342431633068aba3768ba8

  • SHA256

    85784b23a02743d8133b23a0b43c1c1d20e51e444a9218a40f3a692d92b1e4f1

  • SHA512

    309f0df36cfe096303f66b0d57ae52b4a9d554301cf7530ecee6a430623b280dea02f0050afa4e3a10bfb80d7e878aa188e1427e0909fc98a756a4d545a83e50

  • SSDEEP

    1536:uk2djFQmreOoYaDK4/XYsYsAlEr4ium27/WfaWsgT37r9rOlJfG:u1vQSeOoYYXanm2TgsgTv9rOze

  Score

  10^/10

  salitybackdoorupxevasiontrojan

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2