Managed XDR

simpleudp.exe — malware analysis report

File info

Filename: simpleudp.exe
File type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
File size: 351 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: a938d240501e1cdec899b466942cdafe9df579e0
SHA256: 315b51250ccd47e75f37baffedf4da6900da716e0737e759e65a6d54b3f055cf
MD5: 392724c16b91d49cb8b66ba9441bd0d4

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_upx: The executable file is compressed using UPX
T1027.002 pe_features: Executable file has PE anomalies (may be false positive)
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
process_crashed: One of the processes has failed
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
test_check_service: Starts services