Extracted

• • Target

    86b04757abc8cca38203713e7532e130_NeikiAnalytics

  • Size

    120KB

  • MD5

    86b04757abc8cca38203713e7532e130

  • SHA1

    5a31e4e17b1cf26c5f6757494d3040c18c297729

  • SHA256

    35f289ed554716e5f8f5624ccaa609b8b6b687dc97e8b4e842673d87003d2995

  • SHA512

    fd1933bcaa21429297043a6d7eb3079cd9acb55ae51bb99b84517ebfc0dae1519ae8dc660cbc3cbc7bd0f925a7f36b3f62446b54a2701bab18324eaa551a95af

  • SSDEEP

    3072:ORNJ1OVdRvlcdU0Od7u/bdXKyUlATq0UYK3kT:ORT1OV3vshOt05Kr2G0zDT

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2