vtdl_1748648369_gtdn60ex — malware analysis report

File info

Filename: vtdl_1748648369_gtdn60ex
File type: MS Windows shortcut, Item id list present, Points to a file or directory, Has command line arguments, Icon number=3, Archive, ctime=Wed May 14 08:52:23 2025, mtime=Mon May 19 07:53:30 2025, atime=Wed May 14 08:52:23 2025, length=89600, window=hide
File size: 1.6 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: 78040a8321771232926911b158da4bd113faa1bd
SHA256: 156a6c449ba15c8c76545d897637a14ce87d7cb9d1516dc5c36a71c97d4c53ce
MD5: 36452380d05044aaec330a06639a65a7

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1518 locates_browser: Attempts to identify where browsers are installed

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
message_box: Displays a message
get_policy_info: Retrieves information about a Policy object