Extracted

• • Target

    1e7ce28f7f67aef3d4038071cf3d63a2151c0dac90d64f9e9abe3da70fda5f61N.exe

  • Size

    97KB

  • MD5

    030b304a7fa3cef7ba48a18f0020e390

  • SHA1

    5520fb8d50fdaa0afd19678934f6f65ce2b9549e

  • SHA256

    1e7ce28f7f67aef3d4038071cf3d63a2151c0dac90d64f9e9abe3da70fda5f61

  • SHA512

    42346e5d82d3aee63a64e05742ee12a1b542c47a8a76cb3472c5969727526b5f4d2bef810b2766174d62094e14071a1d972099d53d072319041ec8e8ccdee267

  • SSDEEP

    1536:LsYOea2Aad+LORnH8/ldR8MQgTCCvp3fUxtdarE6W8Ji1eX1i6ZYplJ/1:4YOe3kCc/ldR8MDdv0CE65i8i6a

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2