Extracted

• • Target

    162a149f242f4f7dc1f8ec50636c2d90_NeikiAnalytics.exe

  • Size

    65KB

  • MD5

    162a149f242f4f7dc1f8ec50636c2d90

  • SHA1

    904eae6b913c1251a3649ab972622e37e8fdfca0

  • SHA256

    3ba3af66363a0b4c0dae2f67b0c79920c2ebf978fce8b3f28d97fea46e6accd3

  • SHA512

    46a95ee947bedf09b035a64dc94a559f46925a8b4b60e37eada8857158d3c803f2c2675c15b4e7f6b57f195add33cb52cfbfe81070e1741e95ce18fb5dd34c1c

  • SSDEEP

    1536:mX8DTttd2ot9RTOIIiZlvW2B/nvp8W/x7E1:mMDkot91oGb/nx86BE1

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2