Extracted

• • Target

    9b4da148fc7619c16eede5c584107d0685e10721d31fd46b7f937283f531b8f8

  • Size

    65KB

  • MD5

    624d9c251480c776b9cae1dfb939cb7f

  • SHA1

    f6a6b56765aa150399180bae4effbf3fd057f7a9

  • SHA256

    9b4da148fc7619c16eede5c584107d0685e10721d31fd46b7f937283f531b8f8

  • SHA512

    0eb7db2ac98d0be3cc66cfbac415dc02ec24497d318bc9291b5e49be20500bd1403f714e81f62e069bddb6fa466a5e0a8899b335f2bfc9d220e582240d6e608c

  • SSDEEP

    1536:NqoC7Bt1M4jelHcQ+wsOir8kJBWcRo1LpAWUn9jPpQqWDsDn+:WD1il8QKr8kJYTLEPkDs6

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2