Managed XDR

autorecovery-save-of-9...b879ed50681e7e.rtf.asd — отчёт о динамическом анализе вредоносного файла

Информация о файле

Имя файла: autorecovery-save-of-9b3bb7b84b63d897157aaf46460389e69f370df9d6b879ed50681e7e.rtf.asd
Тип файла: Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1252, Template: Normal.dotm, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Create Time/Date: Wed Jul 31 23:05:00 2024, Number of Pages: 1, Number of Words: 96, Number of Characters: 550, Security: 0
Размер файла: 278 KB
Первое обнаружение: 2024-08-31 12:16
Последнее обнаружение: 2024-08-31 12:16

winxp/x86 en

T1134 opens_thread_token: Opens the access token associated with a thread

T1134 opens_process_token: Opens the access token associated with a process

T1497 evasion_runmru: Attempts to detect Sandbox by Run MRU

T1134 opens_thread_token: Opens the access token associated with a thread

T1134 opens_process_token: Opens the access token associated with a process

T1555.003 cookie_files: Accesses cookie files

T1552 cookie_files: Accesses cookie files

T1518 locates_browser: Attempts to identify where browsers are installed

T1497 evasion_runmru: Attempts to detect Sandbox by Run MRU

T1071.001 network_http: Performs HTTP requests

yara_rules: Static rules

creates_in_programdata: Creates files in the ProgramData directory

Managed XDR