Managed XDR

74d96265eedbfd55374ea5adbac32323.virus: dynamic analysis report for a malicious file

File information

File name
74d96265eedbfd55374ea5adbac32323.virus
File type
PDF document, version 1.4
File size
79.5 KB
First detection
Last detection

Environment

win7/x86 en

Hashes

SHA1
22c9bc89a617e8f5df58f4000bda6bda44514639
SHA256
fd5a7d560544c70a4e07c141f32fcfd3710717fb48cef80daf4b9d2ff579cc28
MD5
74d96265eedbfd55374ea5adbac32323

Signatures

Initial Access

T1192 html_urls: HTML-document downloads a file

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1497.002 async_mouse: Watches for mouse clicks using GetAsyncKeyState to detect human activity
T1497.002 antivm_usbstor: Reads information about usbdevices from regkey
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1497.002 async_mouse: Watches for mouse clicks using GetAsyncKeyState to detect human activity
T1497.002 antivm_usbstor: Reads information about usbdevices from regkey

Other

yara_rules: Static rules
pdf_compressed_stream: Contains an object with compressed stream
get_policy_info: Retrieves information about a Policy object
office_links: Office file contains external links