Extracted

• • Target

    e1accebc3f47d008fcdd9fc43e9084af_JaffaCakes118

  • Size

    120KB

  • MD5

    e1accebc3f47d008fcdd9fc43e9084af

  • SHA1

    ba32619d453432c6d71f88bb439003713530cf18

  • SHA256

    202cb7dd1e4316e3112910e2560492504b45d0a3203c88c79bbe7f1f347b9b6e

  • SHA512

    a21fab6f74cf49ed33b7c46306c164f98d42b69cb92645910ac290013ee48b11103f5691a871713c56434b4a777cc8e8aeba0edc5fe0dfb4f840aa7215f89e69

  • SSDEEP

    1536:VnSa3vVwlQPof+DsE6+WtIo+rL8FAKVdgOZVXfRkXUa7g2CUAvaxd:Vd/G+6tIoCL8RgofRkESu6

  Score

  10^/10

  discoverysalitybackdoorevasionpersistenceprivilege_escalationtrojanupx

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Modifies Windows Firewall

    evasion

  • Checks whether UAC is enabled

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2