Managed XDR

defence.jar: dynamic analysis report for a malicious file

File information

File name
defence.jar
File type
Zip archive data, at least v2.0 to extract
File size
264.6 KB
First detection
Last detection

Environment

win7/x86 en

Hashes

SHA1
f9ac7d1d4da64d8c091d7ceaf10f7821b16d8984
SHA256
db3fb63eed88ae5c2427e47f2767fca1282f7a41f7f4a3e171aabf73ffaaf07d
MD5
6f67a1bd9295efef3a2695929b2d0b7b

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1033 recon_beacon: The process has sent information about the computer over the network

Command and Control

T1071.001 recon_beacon: The process has sent information about the computer over the network

Other

suricata_alert: Malicious traffic detected
creates_in_programdata: Creates files in the ProgramData directory