Managed XDR

wecreatedbestthignswit...atattitudewithgrea.doc — malware analysis report

File info

Filename: wecreatedbestthignswithgreatattitudewithgreatpresenceformewecreatedbestthignswithgreatattitudewith...dbestthignswithgreatattitudewithgreatpresenceformewecreatedbestthignswithgreatattitudewithgrea.doc
File type: Rich Text Format data, version 1, unknown character set
File size: 100.5 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: 914fb4b0a5d22594064feb9219e3ac33fd704cb2
SHA256: 6407c425b52a58f6d4db6af66fa67a214bd658d9fcb6dd2d08b88dc6d507571e
MD5: 737193309b0945411657a42faa2e0dc8

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
get_policy_info: Retrieves information about a Policy object
test_check_service: Starts services
antisandbox_check_graphics_card: Uses CreateDXGIFactory, potentially to detect graphics card