5f78bd1be09ca8c2a6fa8cb321ff67e1.virus — malware analysis report

File info

Filename: 5f78bd1be09ca8c2a6fa8cb321ff67e1.virus
File type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
File size: 396 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: 7e1356dafa0bc1907bd2bc49c1a53dd161e390f0
SHA256: 15aa588e63837bf7418041b40509e59d9d3ffa888f7d07ccad1efb836811a93c
MD5: 5f78bd1be09ca8c2a6fa8cb321ff67e1

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity