Managed XDR

p.eml — malware analysis report

File info

Filename: p.eml
File type: multipart/mixed; boundary="===============8041005740631693669==", ASCII text
File size: 142.3 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: b807fd4d57248db704981564bc1837baab6d5f72
SHA256: 83b97dd272b8fef2d66d8b839c3003add1d4a7d0c29bf146d9bb8a5d3c870fb7
MD5: 36e16e441278ff7cb2d5f210e1650a1c

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
pe_overlay: PE file contains overlay