Sality is a complex virus with keylogger and backdoor functionality. Once executed, the parasite installs itself to the system, checks the current time and runs a payload if hours are equal to minutes or if date is a predetermined one.
Sality infects local executable files, deletes files associated with installed security-related software including various antiviruses and firewalls. Then it runs a keylogging module, which collects system and network information, records user login names and passwords, steals sensitive information stored in specific files and finally sends all this data to a predefined e-mail address.
Sality can also open a back door providing the remote attacker with unauthorized access to the compromised computer. The intruder can control the system and steal other user sensitive information.
Related files: oledsp32.dll
• Allows remote user connection
• Sends out logs by FTP or email
• Logs keystrokes
• Hides from the user
• Stays resident in background
It might be that we are affiliated with any of our recommended products. Full disclosure can be found in
our Agreement of Use.