c2acefe58fc8ee2249d951b386ae74feedbfe36a2d252850fa1a891b528ef716

Sharing

Copy URL

Twitter E-mail

General

Target

Xvirus-Tools-main.zip
Size

41KB
Sample

240523-ryg4gaee95
MD5

c0bc3ac40c3d0cc192c1e5c724ef47f6
SHA1

2d13212fefe3d2b1a4289d0d397820a32f656f30
SHA256

c2acefe58fc8ee2249d951b386ae74feedbfe36a2d252850fa1a891b528ef716
SHA512

374a7b7596522100c92050579654e3ea573be9bb6b8200e59428a3f7ea7b60289f73f412b9511db8779360217a84063762d5230a3db74c32c1d4d556319337e7
SSDEEP

768:7VZ/bACER7pNX8nL9XhVCBO+XAnHMF/RhX9ndPsTdcP3PoSeHbt:5LER7jMnxXhwBONK7PsTqHoPbt

Score

6^/10

Malware Config

Targets

- Target
  
  Xvirus-Tools-main/Xvirus.py
- Size
  
  8KB
- MD5
  
  7b1a408c4fa7f99027bb497151875caa
- SHA1
  
  75fa713f0d8edc39e74bcbdf113ea8dc3fedfa97
- SHA256
  
  ea57693b77ba0d034c0b9e8a874f3251440ba793251081899ca11fb98fc86574
- SHA512
  
  75e55264f46d925e458ecdb2362d05cdf6477b18d3f659f01d2c33f528a5cb4ac4fa03a1508eaccddab8df8595193a59cdc8e1e564ca0244f31ddc19132e4f3f
- SSDEEP
  
  192:OxGWZRZd7vnTNxTM/DTdkBf9XxrcNqTf2BXsYEJv:z0zlvnTNxTF9XxrcNqTA7Ex
Score

3^/10
behavioral1
- Target
  
  Xvirus-Tools-main/setup.bat
- Size
  
  62B
- MD5
  
  bac1df08b5a2b813d82ace3a51adc67f
- SHA1
  
  bd1279e6379de4ea6ac108718010235f3b342405
- SHA256
  
  59f5244b33fe77d4dfe76e5159d44a07e037040f8790276ec84139ed3128a21b
- SHA512
  
  175b17c6e7d91aea20e6d8d3b63abfd467c0cf7fc6b8c574e39dbffeb52db8c40020816291f7a83e0411a165d0535c033ff1df299dd2c2a7e48ba8b34dcd4afa
Score

1^/10
behavioral2
- Target
  
  Xvirus-Tools-main/start.bat
- Size
  
  22B
- MD5
  
  439fcacf5dbd7675b272bf20a28ebd26
- SHA1
  
  567c60f881fe536d43f69973914cfa55ba3577a4
- SHA256
  
  93f20b2d08664ce038d6c18475c6a82f6304da012aa910ffc82aca3657fd0a76
- SHA512
  
  b4650e771dda5e29340867f73d5f5478e28ac3d17f00ea8d99f71e6d519faedf00e00aeba0cab889984a581adcde65a20c9bcb7e6ee818f0471de0dd6bbc1262
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral3
- Target
  
  Xvirus-Tools-main/util/__init__.py
- Size
  
  702B
- MD5
  
  d315dafea7a144be416a544d993f1f21
- SHA1
  
  b3ce60f1e5818d7f06ad31ed5ab615633808d2ec
- SHA256
  
  7e6f34bc5a3d996efbf6e105ebc3d437af888a389c6b6034128b566ebaeb12a3
- SHA512
  
  e701514bf9c5430b654cccd39049acda7e6fa6bd1a95ece193741ecc35ba2d9747eaad097e2501430aa2037fec23c2f740d08d71763c138f6384d7432f94a208
Score

3^/10
behavioral4
- Target
  
  Xvirus-Tools-main/util/options/bypass_rules.py
- Size
  
  797B
- MD5
  
  00d2a8463899d3a15c6de0862afd52a9
- SHA1
  
  15c0055785dde13192dfc809eff127c0c3c459e8
- SHA256
  
  6d3d030fd620ef28d68f85e565cbf30ddeaeed7da619edf229861ee5991e99d0
- SHA512
  
  f9847c1892acc0b7b6709f7e9ac9d9c715da5331adf3fb7b0abeb5505692c35927def47a60bbee23dd18e99fee7c9486527c3b586337d72712ed10e6c0841b47
Score

3^/10
behavioral5
- Target
  
  Xvirus-Tools-main/util/options/channel_spammer.py
- Size
  
  4KB
- MD5
  
  dcf6cbe5953a1df30817619cf06c1791
- SHA1
  
  5e75364a65f4eb3cba26c3744846f58b5e5b4e85
- SHA256
  
  e3917f95e8201ab5b01a693aae98fc7aebdfa7c2fc151c467763105ec8930788
- SHA512
  
  d83f6ab5235ab146d636814097078d9d2a9d9a9348bceae89ca3b49a6fc8f1c7f0003ce0f745ce4a80f117b92d0af9f1a47533440b98ac1553c6f33f7a3d850b
- SSDEEP
  
  96:kFEJE6Bilg4fgjAQr+5QacHdbTgvboaciM:YEJE6Bilg4fgjAQr+5Vc9bUvboaciM
Score

3^/10
behavioral6
- Target
  
  Xvirus-Tools-main/util/options/hypesquad_changer.py
- Size
  
  848B
- MD5
  
  76f7f1aaf4b032981e2ccce6f5e2ec87
- SHA1
  
  f0664b5160bf8a3fbd1acad9807e1b799a0dc709
- SHA256
  
  4d4caa5188df4dd6969e0daba7641ecf51adf79285cf42766284a0ade37ad384
- SHA512
  
  1eca05ef1685e3f565d1df1c8727d89d064dc9cfecd465089d11b4e6560f8bd004f939bc8a614cfccfc24628e1dc62445be403d0ff673d3124636503034436ff
Score

3^/10
behavioral7
- Target
  
  Xvirus-Tools-main/util/options/mass_report.py
- Size
  
  1KB
- MD5
  
  cb6e68aec2d603b5177f1227ce88c431
- SHA1
  
  bbe7006c81b8968b02127522b521fb2b0086e126
- SHA256
  
  879e4942541b288b5f6e5479a3badb8d2c7def127c1bbc8609ccbb7418ad222d
- SHA512
  
  00ffead5131ca63c7b1d1337ea05ae72c69718a9ecebbe804a9e8f5b5b5a4a2fb3f2d3347206254d343cab2e855a78b9afdff197fe2129a617c381b61399c923
Score

3^/10
behavioral8
- Target
  
  Xvirus-Tools-main/util/options/soundboard_spammer.py
- Size
  
  1KB
- MD5
  
  aeed67f5c6d83f7c9a262e5a60751d20
- SHA1
  
  77405701061c7a1208fd38dd313e198df46829c4
- SHA256
  
  a6cc0b409a54ac21d0662b156c029694b4fdbced30db2307ba83443502ae2f0d
- SHA512
  
  d770142aedbadf384462eadb3cb40e2155d30345a668da2673df9c20127c85d6c3cc905f9c2a1e42e15f21f7c6070aa6997c5a87bbb90158f2b1a8c2769f2212
Score

3^/10
behavioral9
- Target
  
  Xvirus-Tools-main/util/options/token_bio_changer.py
- Size
  
  652B
- MD5
  
  962025c8a81b68cffaf8e005cb9e97fd
- SHA1
  
  6b27de20863640f612d56fccebb504d203b09c70
- SHA256
  
  2f5255735b30f655dbf7ec70c19654aad86ea9d7c96f922f0431e0ccc4c49da6
- SHA512
  
  e56c8caccab6cbf52263425d8bf5d90994216ce7d413d3038499617d7f8b057be441905a6e66eb318b9238c60699faa9e080495086a56e1577cb32788d32f25d
Score

3^/10
behavioral10
- Target
  
  Xvirus-Tools-main/util/options/token_checker.py
- Size
  
  2KB
- MD5
  
  e2bfa4e9f8b47ac523a74657bf8aa686
- SHA1
  
  c05438946b372a943888f03ddf0b6d53c677f4d4
- SHA256
  
  143b3e2b9a3239cf2e4ec9a1bbfaf8fb4ae6e9d6eab4d06d640410882a114b30
- SHA512
  
  6359e75c95c8c2a00a266e991201d0b406ffb5ea4facb751723bbdbcb3c5fa945e89c7733b39d69522cfc5ca91662ee6e07d4906e9fd3d19349e97e86b0d5a6a
Score

3^/10
behavioral11
- Target
  
  Xvirus-Tools-main/util/options/token_global_nicker.py
- Size
  
  668B
- MD5
  
  aceb9d50b3fd883f809940a1ccf32c58
- SHA1
  
  99533de8d3f33a3da6c98a7963de0bf307258458
- SHA256
  
  d972e6a17370e2bd5f9d86a016994b5a1c5b06089cb2725d1c7a4c20e0a133d2
- SHA512
  
  fd8e1e09a72c9432c87fb3bd0170aefa2b569bca9f325714f43c013fbb007d9423c60d033bf3abd14faf2e27efdbd1bf268f6b0ef085ebfb38b38dbd3b1aec4f
Score

3^/10
behavioral12
- Target
  
  Xvirus-Tools-main/util/options/token_joiner.py
- Size
  
  914B
- MD5
  
  cecb0053c054bb678d06598d0318ad5b
- SHA1
  
  0492a0fb5d426d9fe5c4753426366be158daaea2
- SHA256
  
  c955e1399150c26775c0fa5715bfe8359128217acda1e4c64198387af9ac7d18
- SHA512
  
  edb96c1c990172892006eba4f633bb285dae3f5e642a97be6a8ae3131c4a8d3a846d164eec0c778489a31d1b06d056eea8044dabe168ad73cd43253c32dadded
Score

3^/10
behavioral13
- Target
  
  Xvirus-Tools-main/util/options/token_leaver.py
- Size
  
  708B
- MD5
  
  d07836dfdae885aa63f2330d77ebd13a
- SHA1
  
  7fc41aa969002ad4024c49391e052ebe5bbe4179
- SHA256
  
  14af02b6cafe82c28152c6514d7e5fc6684630575d99539a4a8b14e407bd62e6
- SHA512
  
  4f050551a0c025432092ffc4d7c6c1a5803a5750cc99a9e393cd88fafa519cfae4ee12b322f7cdd27915f2fad09ff40ec2f9b8571b4c7b8ed307ccc9b130077d
Score

3^/10
behavioral14
- Target
  
  Xvirus-Tools-main/util/options/token_pron_changer.py
- Size
  
  1KB
- MD5
  
  27b93193d54eb822a12722e30dbff85d
- SHA1
  
  1136b0533d9324ca53e275ecf6b2b73054e7728e
- SHA256
  
  291dcf208e0e15e260016111ae69e07977b59cd1a45fce39d53f5d95ad8d4619
- SHA512
  
  a5bd438287fde42c7296a44b0ff2a3403b67951f48ca4b491ed09f1978da3e52c6feeea0606ec7e10c331a52438f87ab2f8c8c544faf065fc123556552aafa17
Score

3^/10
behavioral15
- Target
  
  Xvirus-Tools-main/util/options/token_saver.py
- Size
  
  3KB
- MD5
  
  cd7d84f49f57f4df542b15f5fcc045d8
- SHA1
  
  13ba83e3584f7507f0e997215215a68dfb830264
- SHA256
  
  be13e10efd2c3f95f8394b19c8999ed44da8e928d6c8d0d99bdec385252bc152
- SHA512
  
  3dd8b9269157b9dea6d45c96d7e8e650567c3f4173401f09732281ec98f67a0e4a76c17360af77756b9272e807ced862c7bb83fa1cac1ee9128ea42b9300783a
Score

3^/10
behavioral16
- Target
  
  Xvirus-Tools-main/util/options/token_server_nicker.py
- Size
  
  740B
- MD5
  
  48311f696e11c832fd58ec054a673fa4
- SHA1
  
  2d36aec3febc6ed4d2343ac75be9dc2ead6a66bf
- SHA256
  
  bd4fbe4d5cd411826f395fe008d893fb5695cb157e937172651c9baccf9c2c50
- SHA512
  
  606d5c7d03acd9c7dbd09df44ff77161d1b03eca20c9ce52374bd5751f570e6548553eea6d082d649423b906441c6f4006e47b3cb02ce8dc28a13868d6582040
Score

3^/10
behavioral17
- Target
  
  Xvirus-Tools-main/util/options/token_typer.py
- Size
  
  771B
- MD5
  
  61d674f740c88c42ee2a4c5b6bfa90b5
- SHA1
  
  2f50cb9d2c5c5ec623690389d3b3188d15c9ffd9
- SHA256
  
  281ec3de36bd66aa71fb3926b7296315fe60f039b68a6f0a270de89ae37af48e
- SHA512
  
  0b6db54420945510c34ad3d9be7ba6f64d749181643dcad15fe387acefde432202fe33caee3973f007a75d92d31057bc346b5b6cc958aad9f1321553be89abc1
Score

3^/10
behavioral18
- Target
  
  Xvirus-Tools-main/util/options/webhook_tool.py
- Size
  
  1KB
- MD5
  
  bc69a9066ef465d4df48faf889c6f6e1
- SHA1
  
  d41b5ecdd89c087f9c1ed818ae567e63767b02f6
- SHA256
  
  da26c883e94ab2cd406af72c0550c1aff96f3ee46d80b2289f0eaad5bcb9b2ed
- SHA512
  
  9e53ab92ffbbe094b36f946ffd73caa8ec228aed6af08e1255403b819855c067a44864ce465692986da005b30e9934e9dc182f70711c3c78eab10fdfcd3ef92f
Score

3^/10
behavioral19
- Target
  
  Xvirus-Tools-main/util/plugins/settings.py
- Size
  
  3KB
- MD5
  
  4fffec137b113046866b415da3c7c478
- SHA1
  
  9628637e829fd25e3da32e6ec8796e0130648a46
- SHA256
  
  92450d3ec42db8d12870e1495d3e32d352e9222d8898f8e55fcaf0551baf739a
- SHA512
  
  eb81cb8e35ef6b6fa09377b942002d7dc759012d52caff731b7db55a475e4ea54c9ab41e332084d468a617369132cce31079b2cac6ae227df156810cc00a11d0
Score

3^/10
behavioral20
- Target
  
  Xvirus-Tools-main/util/plugins/utils.py
- Size
  
  17KB
- MD5
  
  21d2deb72a2b7addb310dae3c5d77737
- SHA1
  
  00e5dab521ab37db8fa88b5c50161ba8c36768cf
- SHA256
  
  5728c84a7ed1a945b746bd653c953c179033d6b55dec2dd716eefdd60e7efe1c
- SHA512
  
  8ad0d8e40bce08212d5f66daf40df84c6e4e66a3b480414b9d470da3050282660a798cf8e88517e5551d5b72556e86442b142ec44fb55893e3a77eba50d58312
- SSDEEP
  
  384:hIfZeykVtAfCACMAJvR9g6GTgY+nTNbS+txTtjL/GXhRd0w2oZT:MZTkVtAfXRAJvRO0NbS+t9tjCRRd6uT
Score

3^/10
behavioral21

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21