Managed XDR

home-share-sample-gray...475d9f606829e3b520e1be — malware analysis report

File info

Filename
home-share-sample-gray-cde_pe_samples-sample_decompress-20201107-2020_11_7_14_15_44_754754_67ed4c384b59c723af9a4efacddbb30d-hit-22af0d23e5475d9f606829e3b520e1be
File type
PE32 executable (GUI) Intel 80386, for MS Windows
File size
460.4 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
1cc2595c55a66ef9345f48715aa44a04526df102
SHA256
235e409cb7a37fefb101c874e4b82a29b3a0a76e6ea5994bfbb20feaad1a05bd
MD5
22af0d23e5475d9f606829e3b520e1be

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
process_crashed: One of the processes has failed
no_graphical_activity: No graphic activity
pe_overlay: PE file contains overlay