yourmom.exe — malware analysis report

File info

Filename: yourmom.exe
File type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
File size: 576.9 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: b112afe83513aa12f08074dfb1c0e949f0507902
SHA256: 7e0cc4b241837f78273ca04d140bd2e94ccadcb8cc9d393469509ffc1dd8f2f6
MD5: 809770b34debafaeaa78843aece54806

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
non_quadratic_icon: Icon is not square
no_graphical_activity: No graphic activity
message_box: Displays a message
pe_overlay: PE file contains overlay