Managed XDR

4bac72d24c4e1020efc531...1761964288597398038.gz — malware analysis report

File info

Filename: 4bac72d24c4e1020efc53126bc0685e129254817081e67ea643efd1e60fe8dda-1761964288597398038.gz
File type: gzip compressed data
File size: 2.3 MB
First seen
Last seen

Environment

w10/x64 en

Hashes

SHA1: e2a2f4dc28d4d0c00827fa08ef5676d15803f03f
SHA256: 5005ae53806d2a62c05c3c2d0c3d5027721159bb0f2ed081824141c928ad2d0d
MD5: 9938b5bf7300b8753e0cd93ba79f8921

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_polymorphic: Creates a modified copy of itself
T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Collection

T1074.001 access_recyclebin: Manipulation of the Recycle Bin detected

Other

creates_exe: Creates executable files in the file system
only_exec_in_archive: The archive contains only an executable file
writes_data: Writes a large amount of data to disk
pe_overlay: PE file contains overlay