Managed XDR

vtdl_x93a_p4h (Adwind) — malware analysis report

File info

Filename: vtdl_x93a_p4h
File type: Composite Document File V2 Document, Cannot read section info
File size: 119.5 KB
First seen: 2024-10-10 01:56
Last seen: 2024-10-10 01:56

Environment

win7/x86 en

Hashes

SHA1: c4166e9bd5d8cc81d37351866330878bb0b566fd
SHA256: f685c4498abc43ec22000ba75ebbac0ac26a5916c2b1e47a99cf0c542dad3da9
MD5: a9e2390d6b8e63e0667951e57becedd0

Malwares

Adwind

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules

no_graphical_activity: No graphic activity

Related reports