Managed XDR

log_dll (OwlTraitor.Stager) — malware analysis report

File info

Filename
log_dll
File type
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
File size
98 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
b992878f372dd71064f359b3a9833939d3851daf
SHA256
a5e85d5490c0f9d21b4572199d18b9c3a5eed80e07e89e75b9f145b5abc33d5a
MD5
52fa82cfc460563c79486c9f3fd059de

Malwares

  • OwlTraitor.Stager

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity
message_box: Displays a message

Related reports