Extracted

• • Target

    db1f77c8268ec959d77e57a5c03d5628_JaffaCakes118

  • Size

    205KB

  • MD5

    db1f77c8268ec959d77e57a5c03d5628

  • SHA1

    9860a27e4b28b562d272243fad746561ca14eeca

  • SHA256

    ce845bda2fd33fbb2fc49dcd147bfc62829bef31afc1bd3ef0219ace828eea0e

  • SHA512

    9665ef126a2009535c534e6baa20023e6225541c1f88af922621d31caffeabbd5df512d9893701975590790aa700afba4703ae8b8c1b299c3360e61ba07359a0

  • SSDEEP

    3072:ewk/MpIT6Klkk8kXRcaCBJoC2VN99EQi2i77xtx8ntOAru:iM26Zk8ZTBJoX96QiL9b8ntOAK

  Score

  10^/10

  discoverysalitybackdoorevasiontrojanupx

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Disables RegEdit via registry modification

    evasion

  • Disables Task Manager via registry modification

    evasion

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2