Managed XDR

vtdl_1736793303__o7jy_k4 (Hupigon) — malware analysis report

File info

Filename
vtdl_1736793303__o7jy_k4
File type
PE32 executable (GUI) Intel 80386, for MS Windows
File size
5.5 MB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
207ab590089df87b695667c45eb3af4f7ab90572
SHA256
3f4af97c946792d5833c42ad0cf7a49bb53e10224d8ae4cfe900a56198896bd1
MD5
47403c7bbc338f45ac3c1ae2baeeaef7

Malwares

  • Hupigon

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1070.004 deletes_self: Moves to different location or removes the original executable file
T1027.002 packer_polymorphic: Creates a modified copy of itself
T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process
T1027.001 static_overlay_padding: Overlay contents padding

Other

yara_rules: Static rules
executes_dropped_exe: Executes dropped exe files
no_graphical_activity: No graphic activity
pe_overlay: PE file contains overlay

Related reports