Overview

overview

4

Static

static

1

Xvirus-Too...rus.py

macos-10.15-amd64

1

Xvirus-Too...up.bat

macos-10.15-amd64

4

Xvirus-Too...rt.bat

macos-10.15-amd64

4

Xvirus-Too...t__.py

macos-10.15-amd64

4

Xvirus-Too...les.py

macos-10.15-amd64

1

Xvirus-Too...mer.py

macos-10.15-amd64

1

Xvirus-Too...ger.py

macos-10.15-amd64

1

Xvirus-Too...ort.py

macos-10.15-amd64

1

Xvirus-Too...mer.py

macos-10.15-amd64

4

Xvirus-Too...ger.py

macos-10.15-amd64

1

Xvirus-Too...ker.py

macos-10.15-amd64

4

Xvirus-Too...ker.py

macos-10.15-amd64

1

Xvirus-Too...ner.py

macos-10.15-amd64

1

Xvirus-Too...ver.py

macos-10.15-amd64

1

Xvirus-Too...ger.py

macos-10.15-amd64

4

Xvirus-Too...ver.py

macos-10.15-amd64

1

Xvirus-Too...ker.py

macos-10.15-amd64

4

Xvirus-Too...per.py

macos-10.15-amd64

1

Xvirus-Too...ool.py

macos-10.15-amd64

1

Xvirus-Too...ngs.py

macos-10.15-amd64

1

Xvirus-Too...ils.py

macos-10.15-amd64

1

Analysis

  • max time kernel
    137s
  • max time network
    153s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64arch:i386image:macos-20240410-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    25-04-2024 07:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Xvirus-Tools-1.7.1/util/options/token_saver.py

  • Size

    3KB

  • MD5

    cd7d84f49f57f4df542b15f5fcc045d8

  • SHA1

    13ba83e3584f7507f0e997215215a68dfb830264

  • SHA256

    be13e10efd2c3f95f8394b19c8999ed44da8e928d6c8d0d99bdec385252bc152

  • SHA512

    3dd8b9269157b9dea6d45c96d7e8e650567c3f4173401f09732281ec98f67a0e4a76c17360af77756b9272e807ced862c7bb83fa1cac1ee9128ea42b9300783a

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py\""
    1⤵
      PID:485
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py\""
      1⤵
        PID:485
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
        1⤵
          PID:485
          • /bin/zsh
            /bin/zsh -c /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
            2⤵
              PID:486
            • /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
              /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
              2⤵
                PID:486
              • /bin/sh
                sh /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
                2⤵
                  PID:486
                • /bin/bash
                  sh /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
                  2⤵
                    PID:486
                    • /usr/bin/from
                      from util import Applications Library System Users Volumes bin cores dev etc home opt private sbin tmp usr var
                      3⤵
                        PID:487
                  • /usr/libexec/xpcproxy
                    xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                    1⤵
                      PID:534
                    • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                      /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                      1⤵
                        PID:534

                      Network

                      MITRE ATT&CK Matrix

                      Replay Monitor

                      Loading Replay Monitor...

                      Downloads