Overview

overview

4

Static

static

1

Xvirus-Too...rus.py

macos-10.15-amd64

1

Xvirus-Too...up.bat

macos-10.15-amd64

4

Xvirus-Too...rt.bat

macos-10.15-amd64

4

Xvirus-Too...t__.py

macos-10.15-amd64

4

Xvirus-Too...les.py

macos-10.15-amd64

1

Xvirus-Too...mer.py

macos-10.15-amd64

1

Xvirus-Too...ger.py

macos-10.15-amd64

1

Xvirus-Too...ort.py

macos-10.15-amd64

1

Xvirus-Too...mer.py

macos-10.15-amd64

4

Xvirus-Too...ger.py

macos-10.15-amd64

1

Xvirus-Too...ker.py

macos-10.15-amd64

4

Xvirus-Too...ker.py

macos-10.15-amd64

1

Xvirus-Too...ner.py

macos-10.15-amd64

1

Xvirus-Too...ver.py

macos-10.15-amd64

1

Xvirus-Too...ger.py

macos-10.15-amd64

4

Xvirus-Too...ver.py

macos-10.15-amd64

1

Xvirus-Too...ker.py

macos-10.15-amd64

4

Xvirus-Too...per.py

macos-10.15-amd64

1

Xvirus-Too...ool.py

macos-10.15-amd64

1

Xvirus-Too...ngs.py

macos-10.15-amd64

1

Xvirus-Too...ils.py

macos-10.15-amd64

1

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64arch:i386image:macos-20240410-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    25-04-2024 07:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Xvirus-Tools-1.7.1/util/plugins/utils.py

  • Size

    18KB

  • MD5

    b1538c3b3e93d8aba8b8adf116e12535

  • SHA1

    e08e61e6950f59d8ae25418e03671044215dc5ef

  • SHA256

    ff748f461e05ef4d1c96736bca92b23bae0b8b5bf7f3ecbb6a03377cf8e1d240

  • SHA512

    b355f1dd160cb6a18e107204569fb1e0492f33732caf1d4b07ceb71bffb42fd5afa22c6eb7fc222fd26e55f95adc19f0b8853b54fd7215af0e3d3fb29dadc39e

  • SSDEEP

    384:hIfZeykVtgCdCxWCq44Cq8CC3CttCWXCuaClCzRCGCqAJvR9g6GTgY+nTNbS+txo:MZTkVtguD24ilmfO2M3hAJvRO0NbS+tG

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Xvirus-Tools-1.7.1/util/plugins/utils.py\""
    1⤵
      PID:482
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Xvirus-Tools-1.7.1/util/plugins/utils.py\""
      1⤵
        PID:482
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/Xvirus-Tools-1.7.1/util/plugins/utils.py
        1⤵
          PID:482
          • /bin/zsh
            /bin/zsh -c /Users/run/Xvirus-Tools-1.7.1/util/plugins/utils.py
            2⤵
              PID:483
            • /Users/run/Xvirus-Tools-1.7.1/util/plugins/utils.py
              /Users/run/Xvirus-Tools-1.7.1/util/plugins/utils.py
              2⤵
                PID:483
              • /bin/sh
                sh /Users/run/Xvirus-Tools-1.7.1/util/plugins/utils.py
                2⤵
                  PID:483
                • /bin/bash
                  sh /Users/run/Xvirus-Tools-1.7.1/util/plugins/utils.py
                  2⤵
                    PID:483
                    • /usr/bin/from
                      from concurrent.futures import ThreadPoolExecutor
                      3⤵
                        PID:484
                      • /usr/bin/from
                        from datetime import "datetime," timedelta
                        3⤵
                          PID:485
                        • /usr/bin/from
                          from colorama import Fore
                          3⤵
                            PID:486
                          • /usr/bin/from
                            from time import sleep
                            3⤵
                              PID:487
                            • /usr/bin/from
                              from util import Applications Library System Users Volumes bin cores dev etc home opt private sbin tmp usr var
                              3⤵
                                PID:502
                          • /usr/libexec/xpcproxy
                            xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                            1⤵
                              PID:552
                            • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                              /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                              1⤵
                                PID:552

                              Network

                              MITRE ATT&CK Matrix

                              Replay Monitor

                              Loading Replay Monitor...

                              Downloads