Managed XDR
Group-IB MDP Report
File info
Filename: vtdl_g9qlp5vo
File Type: PE32 executable (GUI) Intel 80386, for MS Windows
File Size: 387.5 KB
Env info
win7/x86 en
Hashes
SHA1: e38ee4574b4423d348f7c1767afb7439809b0370
SHA256: b972db118210e911a68423a1c95aa28c204d074cb4ab7135fed7774d0fabb02f
MD5: 3a3bdfdbcb5c5fe563b6d9b11017a0dd
Malwares
Tinba
Signatures
Privilege Escalation
T1134 opens_process_token: Opens the access token associated with a process
Defense Evasion
T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process
Other
yara_rules: Static rules
process_crashed: One of the processes has failed
no_graphical_activity: No graphic activity
has_pdb: This executable file has a PDB path
test_check_service: Starts services