vtdl_1748637480_f4dovk86 — malware analysis report

File info

Filename: vtdl_1748637480_f4dovk86
File type: MS Windows shortcut, Item id list present, Points to a file or directory, Has command line arguments, Icon number=3, Archive, ctime=Sun Aug 4 17:30:02 2024, mtime=Sun Aug 4 17:30:03 2024, atime=Sun Aug 4 17:30:02 2024, length=46080, window=hide
File size: 1.6 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: b21f434be0d5f258f12cc49ba7dbdf05441df25c
SHA256: 16fec9ead36df66b8c76e06aef79783ff84ce6ba668bb78e6c9ee8f2df6b1f57
MD5: 2c17a9a756c496907bb6703f07bcfcfe

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1518 locates_browser: Attempts to identify where browsers are installed

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
message_box: Displays a message
get_policy_info: Retrieves information about a Policy object