Extracted

• • Target

    cc89eb34c8c37149dc094391ce5f6af3ea5089b0077c0458ab360473835812cc.exe

  • Size

    136KB

  • MD5

    5f81167ea4d4396b6ab9909209fb2560

  • SHA1

    2fc1ab80f92bc70a77c77b84ef7c9cb7d5df69de

  • SHA256

    cc89eb34c8c37149dc094391ce5f6af3ea5089b0077c0458ab360473835812cc

  • SHA512

    4f0ca649e0534b3a080424f8d621760e959b434f8b426670317b5220c21b994c8be254908890093378f19c9012766511938f994aaa5dc36913afe1ce1466fc8c

  • SSDEEP

    3072:UMXdTLgDKcoS89jPPm+Oi7kTTQ7WcLirVBRhV+7sA:UMXdTLgfoS2jHG0TGV3DWR

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Drops file in System32 directory

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2