43d4f8e901cf19bad05ecd05fdd411b460b2eabb3ee4bc6e91e70d0b0af8032c | Triage

Submit
Reports

Overview

overview

4

Static

static

1

Xvirus-Too...rus.py

macos-10.15-amd64

1

Xvirus-Too...up.bat

macos-10.15-amd64

4

Xvirus-Too...rt.bat

macos-10.15-amd64

4

Xvirus-Too...t__.py

macos-10.15-amd64

4

Xvirus-Too...les.py

macos-10.15-amd64

1

Xvirus-Too...mer.py

macos-10.15-amd64

1

Xvirus-Too...ger.py

macos-10.15-amd64

1

Xvirus-Too...ort.py

macos-10.15-amd64

1

Xvirus-Too...mer.py

macos-10.15-amd64

4

Xvirus-Too...ger.py

macos-10.15-amd64

1

Xvirus-Too...ker.py

macos-10.15-amd64

4

Xvirus-Too...ker.py

macos-10.15-amd64

1

Xvirus-Too...ner.py

macos-10.15-amd64

1

Xvirus-Too...ver.py

macos-10.15-amd64

1

Xvirus-Too...ger.py

macos-10.15-amd64

4

Xvirus-Too...ver.py

macos-10.15-amd64

1

Xvirus-Too...ker.py

macos-10.15-amd64

4

Xvirus-Too...per.py

macos-10.15-amd64

1

Xvirus-Too...ool.py

macos-10.15-amd64

1

Xvirus-Too...ngs.py

macos-10.15-amd64

1

Xvirus-Too...ils.py

macos-10.15-amd64

1

Analysis

max time kernel
137s
max time network
153s
platform
macos-10.15_amd64
resource
macos-20240410-en
resource tags

arch:amd64arch:i386image:macos-20240410-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
25-04-2024 07:08

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Xvirus-Tools-1.7.1/Xvirus.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Xvirus-Tools-1.7.1/setup.bat

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

Xvirus-Tools-1.7.1/start.bat

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

Xvirus-Tools-1.7.1/util/__init__.py

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

Xvirus-Tools-1.7.1/util/options/bypass_rules.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Xvirus-Tools-1.7.1/util/options/channel_spammer.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Xvirus-Tools-1.7.1/util/options/hypesquad_changer.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Xvirus-Tools-1.7.1/util/options/mass_report.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Xvirus-Tools-1.7.1/util/options/soundboard_spammer.py

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

Xvirus-Tools-1.7.1/util/options/token_bio_changer.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Xvirus-Tools-1.7.1/util/options/token_checker.py

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

Xvirus-Tools-1.7.1/util/options/token_global_nicker.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Xvirus-Tools-1.7.1/util/options/token_joiner.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Xvirus-Tools-1.7.1/util/options/token_leaver.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Xvirus-Tools-1.7.1/util/options/token_pron_changer.py

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

Xvirus-Tools-1.7.1/util/options/token_saver.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Xvirus-Tools-1.7.1/util/options/token_server_nicker.py

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

Xvirus-Tools-1.7.1/util/options/token_typer.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Xvirus-Tools-1.7.1/util/options/webhook_tool.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Xvirus-Tools-1.7.1/util/plugins/settings.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Xvirus-Tools-1.7.1/util/plugins/utils.py

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Xvirus-Tools-1.7.1/util/options/token_saver.py
Size

3KB
MD5

cd7d84f49f57f4df542b15f5fcc045d8
SHA1

13ba83e3584f7507f0e997215215a68dfb830264
SHA256

be13e10efd2c3f95f8394b19c8999ed44da8e928d6c8d0d99bdec385252bc152
SHA512

3dd8b9269157b9dea6d45c96d7e8e650567c3f4173401f09732281ec98f67a0e4a76c17360af77756b9272e807ced862c7bb83fa1cac1ee9128ea42b9300783a

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py\""
1⤵
PID:485

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py\""
1⤵
PID:485

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
1⤵
PID:485

/bin/zsh
/bin/zsh -c /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
2⤵
PID:486

/Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
/Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
2⤵
PID:486

/bin/sh
sh /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
2⤵
PID:486

/bin/bash
sh /Users/run/Xvirus-Tools-1.7.1/util/options/token_saver.py
2⤵
PID:486

/usr/bin/from
from util import Applications Library System Users Volumes bin cores dev etc home opt private sbin tmp usr var
3⤵
PID:487

/usr/libexec/xpcproxy
xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
1⤵
PID:534

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
1⤵
PID:534

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy