|
gptkbp:instanceOf
|
gptkb:virus
|
|
gptkbp:abilities
|
downloads additional malware
disables security software
steals sensitive information
joins infected machines to botnet
spreads peer-to-peer
|
|
gptkbp:affects
|
gptkb:Windows_8
gptkb:Windows_10
gptkb:Windows_7
gptkb:Windows_Vista
gptkb:Windows_XP
|
|
gptkbp:alsoKnownAs
|
gptkb:Sality
|
|
gptkbp:category
|
gptkb:Win32/Sality
|
|
gptkbp:commanded
|
peer-to-peer
hardcoded IP addresses
|
|
gptkbp:detects
|
gptkb:Avast
gptkb:Kaspersky
gptkb:ESET
gptkb:Bitdefender
gptkb:Microsoft_Defender
|
|
gptkbp:discoveredBy
|
2003
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
PE SALITY
|
|
gptkbp:infects
|
injects code into processes
infects .exe and .scr files
modifies registry
|
|
gptkbp:notableEvent
|
large-scale botnet activity in 2010s
|
|
gptkbp:notableFeature
|
modular architecture
self-updating
|
|
gptkbp:notableVariant
|
gptkb:Sality.AG
gptkb:Sality.N
Sality.AE
|
|
gptkbp:platform
|
gptkb:Windows
|
|
gptkbp:removalDifficulty
|
difficult
|
|
gptkbp:removes
|
gptkb:Microsoft_Safety_Scanner
gptkb:ESET_Sality_Remover
Kaspersky Virus Removal Tool
|
|
gptkbp:riskFactor
|
high
|
|
gptkbp:signature
|
gptkb:Win32/Sality
|
|
gptkbp:spreadTo
|
removable drives
network shares
infecting executable files
|
|
gptkbp:target
|
personal computers
corporate networks
|
|
gptkbp:uses
|
peer-to-peer communication
polymorphic code
rootkit techniques
|
|
gptkbp:usesMalware
|
botnet
file infector
|
|
gptkbp:bfsParent
|
gptkb:Sality
|
|
gptkbp:bfsLayer
|
7
|