scratch-zoo-2025-04-15...e15912385ef8c41405a819 — malware analysis report

File info

Filename
scratch-zoo-2025-04-15-6013a54ceee15912385ef8c41405a819
File type
MS Windows shortcut, Has Description string, Has command line arguments, Icon number=0, ctime=Mon Jan 1 00:00:00 1601, mtime=Mon Jan 1 00:00:00 1601, atime=Mon Jan 1 00:00:00 1601, length=0, window=hidenormalshowminimized
File size
549.8 KB
First seen
Last seen

Environment

win7/x64 en

Hashes

SHA1
3be92f172c64d4c827b524da81038efa2ee5262c
SHA256
7bed4de469d5f23f35f835d6bf1b7678b4ff6ccaefd9604e929abd448d6d43e1
MD5
6013a54ceee15912385ef8c41405a819

Signatures

Execution

T1059.001 suspicious_powershell: Creates suspicious powershell process
T1053.005 persistence_autorun: Makes itself run automatically on Windows startup
T1059.001 suspicious_process: Spawns a suspicious process

Persistence

T1053.005 persistence_autorun: Makes itself run automatically on Windows startup

Privilege Escalation

T1053.005 persistence_autorun: Makes itself run automatically on Windows startup

Defense Evasion

T1027.002 unnamed_memory_regions: Code was executed in unnamed regions

Other

unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
yara_rules: Static rules