192df6677a2fbc4779a107a2376a7098.virus — malware analysis report

File info

Filename: 192df6677a2fbc4779a107a2376a7098.virus
File type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
File size: 380 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 920794d1260856bee525bd1754b584ce0d8d7f71
SHA256: ae32280292de2d624e2b80e7faf9dddcdb2d6f47b03a51cfc6750861c428bdc5
MD5: 192df6677a2fbc4779a107a2376a7098

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
process_crashed: One of the processes has failed
no_graphical_activity: No graphic activity
test_check_service: Starts services