Extracted

• • Target

    40017039c9f2d08f606df2199c577293de21c0b486baf3675da7a82898b8f838N.exe

  • Size

    65KB

  • MD5

    6bc2d61adfac4183da34c9083c4f2430

  • SHA1

    e4387c44dca07eef63fe2c9e238ffffe653a6ea1

  • SHA256

    40017039c9f2d08f606df2199c577293de21c0b486baf3675da7a82898b8f838

  • SHA512

    31d87deb837b8fca86fe286e7c690ad042c5a81da0ea67921d45587d8e973867705745d8061dc3d641b6355d0a8aed27916e56b4a49e12f30b67b6d44f1ec3d2

  • SSDEEP

    1536:iHUn67HlJiqqFeac/Kh6+ybA4tBnGDkf8xPOaD+rpVtZuzJ1zwnwv:iHk67HDlqFoC9+AdDkfZa+pVOwu

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2