Managed XDR

5f78bd1be09ca8c2a6fa8cb321ff67e1.virus: dynamic analysis report for a malicious file

File information

File name
5f78bd1be09ca8c2a6fa8cb321ff67e1.virus
File type
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
File size
396 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
7e1356dafa0bc1907bd2bc49c1a53dd161e390f0
SHA256
15aa588e63837bf7418041b40509e59d9d3ffa888f7d07ccad1efb836811a93c
MD5
5f78bd1be09ca8c2a6fa8cb321ff67e1

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity