Managed XDR

vtdl_1741342517_ubcqlvzz: dynamic analysis report for a malicious file

File information

File name
vtdl_1741342517_ubcqlvzz
File type
PE32 executable (GUI) Intel 80386, for MS Windows
File size
124.4 KB
First detection
Last detection

Environment

win7/x86 en

Hashes

SHA1
c16d58b1a4a7e276fc5a824d655fda25d4ea585a
SHA256
d46575071fcdabd012e5aa6429d43ba7dae6420308432079be96b0b14a832b66
MD5
8d2417de4671adb4267d38e9e17d402a

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1036.001 invalid_authenticode: Digital signature of the executable file has failed the verification
T1497.003 antisandbox_sleep: The process attempted to slow down analysis
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1497.003 antisandbox_sleep: The process attempted to slow down analysis

Other

yara_rules: Static rules
dead_host: Connects to IP addresses that do not respond to requests
no_graphical_activity: No graphic activity
pe_overlay: PE file contains overlay