Managed XDR

vtdl_1752027132_rq8680f9 — malware analysis report

File info

Filename
vtdl_1752027132_rq8680f9
File type
MS Windows shortcut, Item id list present, Points to a file or directory, Has command line arguments, Icon number=3, Archive, ctime=Wed Jun 2 06:09:23 2021, mtime=Thu Jun 26 06:45:14 2025, atime=Wed Jun 2 06:09:23 2021, length=71680, window=hide
File size
1.7 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
a6e44e45673f875b5eaec499f1813870226ebeb9
SHA256
05ebba3f9a934b8672ffc7a7eccb3e8fc47fd88f4327c47dc1699b1b0a9371d6
MD5
0d8eb944e2a885bb987e57a4d50f36ae

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1518 locates_browser: Attempts to identify where browsers are installed

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
message_box: Displays a message
get_policy_info: Retrieves information about a Policy object