Extracted

• • Target

    JaffaCakes118_4742c3c1fd19ac3bac9038bf77abbca0

  • Size

    248KB

  • MD5

    4742c3c1fd19ac3bac9038bf77abbca0

  • SHA1

    0559b9c8ff3bf3ef0ae47aa76e38f71f35df188a

  • SHA256

    493f3f41d0a6372bbd47add1882be469bf7819070c70c2aad306d487aecbfa68

  • SHA512

    8c60c5e6382ff087b3a13166d4186ae08f34386a8ebf40b4adafc8f888bd87ed5abcea819a87551985299074976d65d5918d06f123eec719025ef823107740f8

  • SSDEEP

    6144:AQ9CAk6i0I2oRuwwMnhPU2+wo2LWJ494Mo:7vLUTifwo2LV9No

  Score

  10^/10

  salitybackdoordiscoveryevasiontrojanupx

  • Modifies firewall policy service

    evasion

  • Sality

    Sality is backdoor written in C++, first discovered in 2003.

    backdoorsality

  • Sality family

    sality

  • UAC bypass

    evasiontrojan

  • Windows security bypass

    evasiontrojan

  • Windows security modification

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2

• • Target

    $PLUGINSDIR/InstallOptions.dll

  • Size

    14KB

  • MD5

    325b008aec81e5aaa57096f05d4212b5

  • SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

  • SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

  • SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

  • SSDEEP

    192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

  Score

  3^/10

  discovery
  behavioral3behavioral4