Managed XDR

vtdl_7ykdgi8z: dynamic analysis report for a malicious file

File information

File name
vtdl_7ykdgi8z
File type
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has command line arguments, Icon number=7, Archive, ctime=Wed Mar 22 03:01:18 2023, mtime=Tue Oct 8 02:54:43 2024, atime=Wed Mar 22 03:01:18 2023, length=61440, window=
File size
1.7 KB
First detected
Last detected

Environment

win7/x86 en

Hashes

SHA1
33ea3eb67af0918fb5579404061257f6eaa6d7ec
SHA256
61b99deba16ccc64b91203fda1018922b3c1652eb465d5ab5769e90c327b029c
MD5
f9a26b190dc0d27ac8701d5c753776a1

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1518 locates_browser: Attempts to identify where browsers are installed

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
message_box: Displays a message
get_policy_info: Retrieves information about a Policy object