Extracted

• • Target

    7f2dc0b1455ef1db7aff49860b0d81c0_NeikiAnalytics

  • Size

    84KB

  • MD5

    7f2dc0b1455ef1db7aff49860b0d81c0

  • SHA1

    aac2bbcdbd6f8bfba80e1c6af3ccc99c5c4c050f

  • SHA256

    67cb5793f7f5625e4bcc9378ba35e350a33e527267153ab932e1155d3dd403aa

  • SHA512

    8759414ba39af2ff0fa8e26db440969c5bd19cb1748b6d864747de43884914870989ade0ec4f5d0e2b529589121186aaf2771ca41768aed602fb1fc01c32f91c

  • SSDEEP

    1536:sCc2huABZ3mAZngoyeYunEzAg+V5DqBiqQqXD1hEj/VJGflNLaL/IZf6:sCcIZn4exlg+VxWiqJnEjqt8Lu6

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2