Managed XDR

vtdl_1750455706_0hyueuk0: dynamic analysis report for a malicious file

File information

File name
vtdl_1750455706_0hyueuk0
File type
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has command line arguments, Icon number=7, Archive, ctime=Wed Aug 18 03:08:15 2021, mtime=Wed Aug 18 03:08:15 2021, atime=Wed Aug 18 03:08:15 2021, length=45056, window=
File size
1.6 KB
First detected
Last detected

Environment

win7/x86 en

Hashes

SHA1
f3287993d7fbb4d5e1e3daf9427860460ddec657
SHA256
1468054df5b39bd55b9f990b2eaa74dbf9c0f8e87704852679487dce63025900
MD5
44b05242c478b7131c977c36d1977de2

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1518 locates_browser: Attempts to identify where browsers are installed

Other

yara_rules: Static rules
unexpected_exception: Unexpected exception
no_graphical_activity: No graphic activity
creates_suspended_process: Creates suspended process
message_box: Displays a message
get_policy_info: Retrieves information about a Policy object