Managed XDR

codex-gigas_e4ef1e3bc0...64d7fe96969f76ab814900 — malware analysis report

File info

Filename
codex-gigas_e4ef1e3bc064d7fe96969f76ab814900
File type
PE32 executable (GUI) Intel 80386, for MS Windows
File size
2.7 MB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
4594ee69ae6f83b92563c60f0bab5aa7a2cdfa78
SHA256
43e76942c66b3e17742210ad4cdfc1fb978c55b3a81b737a150570da10582e29
MD5
2b4d216c279b17062963ecb57400df9a

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 unnamed_memory_regions_contains_pe: One or several unnamed memory regions are PE files
T1027.002 unnamed_memory_regions: Code was executed in unnamed regions
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Command and Control

T1071.001 network_http: Performs HTTP requests

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity
message_box: Displays a message