Managed XDR

scratch-zoo-2025-03-07...aca3bfe9717c5305e66ac4 — malware analysis report

File info

Filename: scratch-zoo-2025-03-07-2aa7382eefaca3bfe9717c5305e66ac4
File type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
File size: 381 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 5a88e37c603f40dd2709a3b6b88f644c6e90daaa
SHA256: 142cdee049c539ce0d83a7283f32f9ac43c77d1bb95231c8840d94d5f2e90933
MD5: 2aa7382eefaca3bfe9717c5305e66ac4

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1027.002 pe_features: Executable file has PE anomalies (may be false positive)
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
process_crashed: One of the processes has failed
no_graphical_activity: No graphic activity
test_check_service: Starts services