Managed XDR

vtdl_rxof162u (Darktrack, Ozone RAT) — malware analysis report

File info

Filename: vtdl_rxof162u
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 647.5 KB
First seen: 2024-09-03 09:51
Last seen: 2024-09-03 09:51

Environment

win7/x86 en

Hashes

SHA1: a8533ee99f9c5fadb5856647836c18198f956adb
SHA256: 45b33888ddb2748434643e4811f156f1fc2a5d339d3577945d8c9e9d88c5ff57
MD5: aac8edf78f4b9da09f83ba0b14e1177f

Malwares

Darktrack
Ozone RAT

Signatures

Privilege Escalation

T1055 injection_failed: The attempt to inject into a process has failed

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data

T1055 injection_failed: The attempt to inject into a process has failed

Other

yara_rules: Static rules

no_graphical_activity: No graphic activity

pe_overlay: PE file contains overlay

Related reports

Managed XDR