vtdl_3rbh6j2o — malware analysis report

File info

Filename: vtdl_3rbh6j2o
File type: MS Windows shortcut, Item id list present, ctime=Wed Sep 25 06:10:33 2024, mtime=Wed Sep 25 06:10:33 2024, atime=Wed Sep 25 06:10:33 2024, length=0, window=hide
File size: 1.1 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 041119eaff61466a5270c586f120e6caef15318a
SHA256: 8e293156cc2ca7a16dcef63aa1e4d0aca191e75afcc05e388441b1d8e8d5dc7f
MD5: 0e361c4d68860f1fe2102e61607eed35

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
creates_suspended_process: Creates suspended process