Extracted

• • Target

    5f767b67f19b79f399ab531e8fb96210_NeikiAnalytics.exe

  • Size

    120KB

  • MD5

    5f767b67f19b79f399ab531e8fb96210

  • SHA1

    ded936bb945b7ddde128f83adbddd1bb673ba84d

  • SHA256

    a84d5d95994f257a131f1f52cdb5f0682c91822547d08d94e7dee6a2ca1f9ea4

  • SHA512

    cfad38a884039560a3a964b9bd7917a1925c7c264d8eb0ca5cdf77a513da0af3c3360808dc8a6ce6f65a0ca644dbda8ae548742130b6c1f9356119a79e6ca72a

  • SSDEEP

    3072:fjpY90bNXQD+XDIrQVQD/CPQ7yjfVgjU:fFRtQiTIrEQaQ7yjCjU

  Score

  10^/10

  salitybackdoorevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2