home-share-sample-gray...f48970022380500f9bfb68 — malware analysis report

File info

Filename: home-share-sample-gray-cde_pe_samples-sample_decompress-20201111-2020_11_11_9_55_7_866794_ccc8d9598f96505398d23ee8bdf4be3d-hit-7e2b861db7f48970022380500f9bfb68
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 453.5 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: d7ce2fc8d9a2a1195efd853dc161f15ba8cf30fd
SHA256: d15456e6e16bc65e5b4c2e0b89fc49c5e9addd3360d2e9809e28490174cd861a
MD5: 7e2b861db7f48970022380500f9bfb68

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
process_crashed: One of the processes has failed
no_graphical_activity: No graphic activity
pe_overlay: PE file contains overlay