mspub.exe — malware analysis report

File info

Filename: mspub.exe
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 9.7 MB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 57ac1b14ce6ca41120a3a4449d5b9d5bb6fc5c0a
SHA256: 3e69232850c9694bcc5439de6cab1419192f08271e89c477245e13760d0c7fb4
MD5: 5c55d9b1ed4848397ecdf67995ca0c6e

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity
has_pdb: This executable file has a PDB path