Managed XDR

vtdl_1748637468_bbd4s3yl — malware analysis report

File info

Filename
vtdl_1748637468_bbd4s3yl
File type
MS Windows shortcut, Item id list present, Points to a file or directory, Has Working directory, Has command line arguments, Icon number=8, Archive, ctime=Wed Oct 6 13:27:28 2021, mtime=Tue May 6 02:32:42 2025, atime=Wed Oct 6 13:27:28 2021, length=236544, window=hidenormalshowminimized
File size
1.7 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
232ab9f46f6193a3bf44a7f66d1154acb4955758
SHA256
0a3c09f54b6ea2dadd982124fc983c86741e882b787b4bc20588660e34e5d7a6
MD5
386777ddd1bb4f2a65e88e022cffb5f1

Signatures

Execution

T1204 suspicious_lnk: LNK file with suspicious content

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1518 locates_browser: Attempts to identify where browsers are installed

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
get_policy_info: Retrieves information about a Policy object