Extracted

• • Target

    539b54ec20f2b002915e59ae1e36427447bd720c1201d356094e0c993c8db485

  • Size

    97KB

  • MD5

    72863626913b5d22724311fed1a734b6

  • SHA1

    fd1801d00d584da471585c9a3792b32ecbe0980c

  • SHA256

    539b54ec20f2b002915e59ae1e36427447bd720c1201d356094e0c993c8db485

  • SHA512

    4a7979df9339e8f51877b3fd38f3d1eb176bd251fa07ed25090dc0479656f0ef9c2af3ff46229c1419c328f9d2988248adb626d5bbe7f9ff809afc2e0931c9ef

  • SSDEEP

    1536:jzWVxgjyd0qNYd/EDMdEX9gIfAHcKfyCpwLLAvvoZ3gQHfJg/O:uVKrqNYpED258YCLEIZ3gMJg

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2