word-embeddings-oleobject1.bin: dynamic analysis report for a malicious file

File information

File name
word-embeddings-oleobject1.bin
File type
Composite Document File V2 Document, Cannot read section info
File size
11.5 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1
73176ca04c5e1348e9ca58cf6303ed522dad78b3
SHA256
82eb099e9013d5375c7cd62c7e062610e1975e797427c7f3a3f5b081e7cae9cf
MD5
54dd74bf6a4672122e9bba609f299af6

Signatures

Execution

T1059.005 bad_vbs: Suspicious VBScript file

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1497.001 antisandbox_script_timer: Detected script timer window (indicative of sleep style evasion)
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1497.001 antisandbox_script_timer: Detected script timer window (indicative of sleep style evasion)

Other

yara_rules: Static rules
no_graphical_activity: No graphic activity
message_box: Displays a message
error_drawtext: An error occurred while executing the file
checktokenmembership: Checks user token with CheckTokenMembership call