Managed XDR

remote-accesslauncher_icon.exe — malware analysis report

File info

Filename: remote-accesslauncher_icon.exe
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 391 KB
First seen
Last seen

Environment

w10/x86 en

Hashes

SHA1: b15e3cc3896c183a8c1fa90f4c5d8f011ef852fa
SHA256: 237c8ec9408a7c1ba1f30a42bf916b379ff89f4f5d7755c760e2f91010b5d5fb
MD5: f3806a9ffc3ca62baf9af5c0b58d257b

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity
require_administrator: Requests administrator privileges
writes_data: Writes big amount of data to disk