virusshare_1e6ed71bdf65fa910b41af1a05dd31af — malware analysis report

File info

Filename: virusshare_1e6ed71bdf65fa910b41af1a05dd31af
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 465.7 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: 6aee26614c4eeb6e153e8bd7f35562cef5cbcdb6
SHA256: 9440c7967d26eb1f0db2282002034f43e9533f7d6b54a88cd199d6c9dd301199
MD5: 1e6ed71bdf65fa910b41af1a05dd31af

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
process_crashed: One of the processes has failed
no_graphical_activity: No graphic activity
pe_overlay: PE file contains overlay