Extracted

• • Target

    cfe2ae1cfcbb011acab1f7796c0413164f572fc523c829bab9856cde09847846.exe

  • Size

    65KB

  • MD5

    b45747b6ea492d5c04843759a6654de6

  • SHA1

    a0498a9c7f0e78b14eaedba8d1a0445ef1ea6b2e

  • SHA256

    cfe2ae1cfcbb011acab1f7796c0413164f572fc523c829bab9856cde09847846

  • SHA512

    93a27ccbfde032958f6f58190fff4f3fcb0f35aecf40bc12d75152eddc3281c5cc855ae3355d5112e9789ae752a9989b7527f7399fd798ee1678a33d2ab42eff

  • SSDEEP

    1536:qd7JTAbPsFQM0L3avOJu1dI7a+StLFBVsELtXL88HK:YEbkFQM02vOJ0I7a+cRbZXor

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2