Managed XDR

wecreatedbestthignswit...atattitudewithgrea.doc: dynamic analysis report for a malicious file

File information

File name
wecreatedbestthignswithgreatattitudewithgreatpresenceformewecreatedbestthignswithgreatattitudewith...dbestthignswithgreatattitudewithgreatpresenceformewecreatedbestthignswithgreatattitudewithgrea.doc
File type
Rich Text Format data, version 1, unknown character set
File size
100.5 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
914fb4b0a5d22594064feb9219e3ac33fd704cb2
SHA256
6407c425b52a58f6d4db6af66fa67a214bd658d9fcb6dd2d08b88dc6d507571e
MD5
737193309b0945411657a42faa2e0dc8

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
get_policy_info: Retrieves information about a Policy object
test_check_service: Starts services
antisandbox_check_graphics_card: Uses CreateDXGIFactory, potentially to detect graphics card