Extracted

• • Target

    ed41db3618f26237661bb6a919635164_JaffaCakes118

  • Size

    401KB

  • MD5

    ed41db3618f26237661bb6a919635164

  • SHA1

    9c1fd58cfa53acd91db75ea808b80c792ab37c51

  • SHA256

    c0df4455218a4337f055e8b5c79619ac3d04078f79509fea6ea04e78e25f704a

  • SHA512

    ec9ba94323780585d1d8f955b6c7e5e1e9f28e8af95b92d39587c514a4ff525ef15e9fd760e8cc5c81a8551ab714e92e8b9097317fc420e4d04ea5558ba084b2

  • SSDEEP

    6144:D3YWs6Mhj4EkgvbChbA8g2mTYwWjsgJo2EcX/CugRqhC7UJj7J:DpE3vbCZAfqwks9FBihFxJ

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2