Extracted

• • Target

    f3f81d789e68cab7f804bd047c65ff3884f903fe5f804118988858ece1c83df7.exe

  • Size

    65KB

  • MD5

    4a180dad5e625cfc2b975de6903c5017

  • SHA1

    57817e17fff3a244b7f8aa0bcdc342e99a522eb0

  • SHA256

    f3f81d789e68cab7f804bd047c65ff3884f903fe5f804118988858ece1c83df7

  • SHA512

    0af8f67874ba041f235839c8a1ce53da5aa6393b48fb879c13c02230313fd3db1c26391a04f0ebab523f76d51e9f2d0955a76fb37efa341423e3ca51a6d1cf5b

  • SSDEEP

    1536:JGjtEqXJ0fjxiOYoqDdOz7iHF8zD1LvEVgOPgx/89M0/U:sjdJ04D8z7iHwBzOkX08

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2