Managed XDR

vtdl_1748638567_ewit8jst — malware analysis report

File info

Filename
vtdl_1748638567_ewit8jst
File type
MS Windows shortcut, Item id list present, Points to a file or directory, Has command line arguments, Icon number=3, Archive, ctime=Sat Dec 7 09:09:07 2019, mtime=Wed Sep 4 11:42:32 2024, atime=Sat Dec 7 09:09:07 2019, length=71680, window=hide
File size
1.7 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
fcd28e3b23b302ec4ef49866c1515a94eea34706
SHA256
5fe26e2aa933def81c6078adbb41bc2896b33b6a2904743ba84b432f60d16104
MD5
08845feb20f8d54d7a9f5e05da17dd0e

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1518 locates_browser: Attempts to identify where browsers are installed

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
message_box: Displays a message
get_policy_info: Retrieves information about a Policy object