c-users-dyrektor-appda...f9f1-c16f5b6f114b-.lnk — malware analysis report

File info

Filename: c-users-dyrektor-appdata-roaming-bb93d2c2-805f-80c6-f9f1-c16f5b6f114b-a8ab9aed-c870-93fe-f9f1-c16f5b6f114b-.lnk
File type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Archive, ctime=Wed May 15 05:17:46 2024, mtime=Tue Jul 16 09:54:09 2024, atime=Wed May 15 05:17:46 2024, length=236544, window=hidenormalshowminimized
File size: 3.4 KB
First seen:
Last seen:

Environment

win7/x64 en

Hashes

SHA1: 3077ae04dc963efb082263637f0138c207f445ae
SHA256: d8a7ff210a6518ea95338bc2ed904a1d72c698ad14da7a86cee06a2fa459876c
MD5: 034c038be649ace057a1f0f5f6621421

Signatures

Execution

T1204 suspicious_lnk: LNK file with suspicious content
T1059.001 suspicious_powershell: Creates suspicious powershell process
T1059.001 suspicious_process: Spawns a suspicious process

Defense Evasion

T1027.002 unnamed_memory_regions: Code was executed in unnamed regions

Other

unexpected_exception: Unexpected exception
creates_suspended_process: Creates suspended process