842ffa46cd5af870d40e2e...cea6bdc149-dropped.bin — malware analysis report

File info

Filename: 842ffa46cd5af870d40e2e8130cdcf378ece3e487b21cc90bb309ccea6bdc149-dropped.bin
File type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
File size: 8.2 MB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 10f7caa09ff507488769885c3f8afa1985342378
SHA256: 842ffa46cd5af870d40e2e8130cdcf378ece3e487b21cc90bb309ccea6bdc149
MD5: 58de212df969e8ef5587782e60aebc61

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity
message_box: Displays a message
pe_overlay: PE file contains overlay