Managed XDR

vtdl_1753794085_y123ew07 — malware analysis report

File info

Filename: vtdl_1753794085_y123ew07
File type: SMTP mail, ASCII text, with CRLF line terminators
File size: 4.3 MB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: 8afed842b2407b2e04de005ab331c4a879439cba
SHA256: f05cc2f155e2fd152f8da2548dda7ce1a312abf43a458de3b531830b809288e8
MD5: d8f985a4a0af3a1034e9ae45fd6dc511

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1027.002 pe_features: Executable file has PE anomalies (may be false positive)
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity
has_pdb: This executable file has a PDB path
enables_execute_access_on_stack: Enable execution access on stack