Extracted

• • Target

    f3e1468c4362208db9f715772f7acd38b3b8abb26169660ef99dbba3db51fa7f

  • Size

    65KB

  • MD5

    9b9bd34912e3386af3e83eafa4dfe49d

  • SHA1

    61ad02eb6b3098df4d820aac604cf87125db3c14

  • SHA256

    f3e1468c4362208db9f715772f7acd38b3b8abb26169660ef99dbba3db51fa7f

  • SHA512

    4a87d306a38f8f7c2a13af30f9c3bda329e2e52e2bf15c6424743fdab9000d389959dc0554b725f317b469d8dac1b5acbfcfda06840115e4e1642385d970e0e9

  • SSDEEP

    1536:mw74bfBoWLPQ5hoIuwUBRgn8y87j3RhSW1wEzAafrOURT52cvN1:KbfBoZZfUDlj3LrRf/BQe1

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2