Managed XDR

c-programdata-microsof...-toolbar-inbox.com.lnk — отчёт о динамическом анализе вредоносного файла

Информация о файле

Имя файла
c-programdata-microsoft-windows-start-menu-programs-inbox-toolbar-inbox.com.lnk
Тип файла
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Fri May 9 22:42:32 2025, mtime=Fri May 9 22:43:25 2025, atime=Fri Apr 26 05:43:20 2013, length=1712264, window=hide
Размер файла
1.2 KB
Первое обнаружение
Последнее обнаружение

Окружение

win7/x64 en

Хеши

SHA1
845ba2ae28befcf9a419bdf298a49a524fcf6b78
SHA256
d9e3bdef30b063528a3fd91c801122441894e245320b49b70e71c1ee7923a0c1
MD5
5833179096b34ef2cb687c3fc1d71218

Сигнатуры

Execution

T1204 suspicious_lnk: LNK file with suspicious content
T1059.001 url_cmdline: Cmdline of process contains URL
T1059.003 url_cmdline: Cmdline of process contains URL

Defense Evasion

T1027.002 unnamed_memory_regions: Code was executed in unnamed regions

Other

create_process_failed: Could not start the process
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
yara_rules: Static rules