Managed XDR

vtdl_1750456892_aqf846xa: dynamic analysis report for a malicious file

File information

File name
vtdl_1750456892_aqf846xa
File type
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has command line arguments, Icon number=7, Archive, ctime=Mon Apr 14 12:00:00 2008, mtime=Thu Mar 24 09:20:09 2016, atime=Sat Feb 5 06:56:36 2022, length=32768, window=
File size
1.4 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
5e06b9407133499de0b2dcc95928c93a3e6dcd75
SHA256
dc3a7ff49a836a50fed5d305a5d84d6ba2a43d857b441fe618469eb5f5d2c26e
MD5
03eeaa46864e5f817aef48238a4ed179

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1518 locates_browser: Attempts to identify where browsers are installed

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
message_box: Displays a message
get_policy_info: Retrieves information about a Policy object