Extracted

• • Target

    eb88787c5f286685cb0890e6a4b00740_NeikiAnalytics.exe

  • Size

    65KB

  • MD5

    eb88787c5f286685cb0890e6a4b00740

  • SHA1

    e31bed2a01a5a465ec8eecf886bd5b6516a1d0f2

  • SHA256

    8ae259446550c33fba32f248a0476974eb28c1a78cd5c1426efd683f37cf0eb1

  • SHA512

    3964f7a3f5a25c1f0ecca5207a5bdcab2880db028d14757c49748bea9f676ddf3f3c1e20e12b429276c743fb4d141f0b518d1bdee656c44926ac3e8157c36dc7

  • SSDEEP

    768:doY5OSpdKxkZR+3ex7zSoN8XJiuJem1P2tXuVt7636PrUZae6mIUjm24AIRSmu7M:d15ZWkZRaeJzqB14OtZPNLcm5/RjDD

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2