home-share-sample-gray...edf43c56fb6b0c6ebbd008 — malware analysis report

File info

Filename: home-share-sample-gray-cde_pe_samples-sample_decompress-20201111-2020_11_11_9_49_54_953660_31230cca548088d698fe76e28bb38eec-hit-cd57c4aebdedf43c56fb6b0c6ebbd008
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 459.1 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 1890073581ca4fbafa114816f82312baf6eab35e
SHA256: bbb6dbd85726eb37d04388c80d627ee851d9e55094f9e98920de4ff8390dfa8b
MD5: cd57c4aebdedf43c56fb6b0c6ebbd008

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
process_crashed: One of the processes has failed
no_graphical_activity: No graphic activity
pe_overlay: PE file contains overlay