Extracted

• • Target

    JaffaCakes118_0726e9946c282a7d746d2eed7ae006e0

  • Size

    164KB

  • MD5

    0726e9946c282a7d746d2eed7ae006e0

  • SHA1

    8f2f2e07f547159c1b0c6caffab62876a87e69e0

  • SHA256

    6f7d5dd0922f6a98885fe21b0bd6dcdb2ee9514b62637eb2bcd234179363a36a

  • SHA512

    da2b5b91beb9fae42701565ef6a1c7012f1610500dae60cc59fdb3ff38ac2153e62edc76390b34ca1b062802fdb428fcc6694faabd97150f5e84ccf300a7b068

  • SSDEEP

    3072:/NQKPWDysI0hJltZrpRRy3ugGAEtTCghFz5krRJqwTpjLTwH0:/NSDysISthp+GZEghYqsFO0

  Score

  10^/10

  discoverysalitybackdoorevasionpersistenceprivilege_escalationtrojanupx

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Disables RegEdit via registry modification

    evasion

  • Disables Task Manager via registry modification

    evasion

  • Modifies Windows Firewall

    evasion

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2