Extracted

• • Target

    bdd811d7d9e6db91de1b5d43bbe41c8b01fcf895dd3541cb0e97e3e85a45fdf5.exe

  • Size

    97KB

  • MD5

    59d258afe53930e54761a943efc8ceb5

  • SHA1

    c4b24df2fc6f8217ac2c47fa46e1ec48f555d23b

  • SHA256

    bdd811d7d9e6db91de1b5d43bbe41c8b01fcf895dd3541cb0e97e3e85a45fdf5

  • SHA512

    49daef462ca438892b3e351b31e39a9a285d2f2658aaf07b2946776484ec70e63bdece8bed463bba1c8d476bfbb5466aeca7e829a955c0c1bbaeda64d478e6ee

  • SSDEEP

    1536:G8l+o9bzLv1ELxXYbuGBFDOmnrdyoBTTgkrUxpkmynG7vweP64x:NY4bzLyYqGBznr1BhrUxpinqIeP64x

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2