General

  • Target

    XioSpark PREMIUM.rar

  • Size

    37.6MB

  • MD5

    909f81217e45a455f47c78a0c92d5819

  • SHA1

    6456356c7966afa169de181c7dc6f0960f513df6

  • SHA256

    c93aa5e670df4b229071a87bcb2b2e97707cd6f7c03ff39d97be484048466cbf

  • SHA512

    4925c5195d369f6023ec6789e328c58d7b67a8b249d4e8418dc78a5b999e313738299cd160fc28dd5bfec43e5867e785833690cdd0b266e99e4b1bf9e8dfaded

  • SSDEEP

    786432:geX7LlJJg9LowBe0CJkGpF3O2+M+DJJg9LofBe0CJ7GhF3GQm3XbJJg9Lo/Be0Cx:ge9YLowOpE2yYLofNhkQSYLo/yX7

Score
7/10


Signatures

  • UPX packed file 9 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Detects Pyinstaller 3 IoCs
  • Unsigned PE 51 IoCs

    Checks for missing Authenticode signature.

Files

  • XioSpark PREMIUM.rar
    .rar
  • XioSpark/XioSpark.exe
    .exe windows:6 windows x86 arch:x86

    dcdd7fda4b828a13bab9a0dd63981aa0



  • XioSpark/cvSERVICE.py
    .exe windows:4 windows x86 arch:x86

    358255d310d10c44d53b3032e06b8b63



  • XioSpark/installation.html
    .exe windows:4 windows x86 arch:x86

    ef8cd7f18a9b59b15033fbc2e15348e2



  • XioSpark/lib/7za/x64/7za.dll
    .dll windows:4 windows x64 arch:x64

    22ca0a9fa52636be630f15cf36ce68e9



  • XioSpark/lib/7za/x64/7za.exe
    .exe windows:4 windows x64 arch:x64

    7232d06dc00920698f0cad2452012553



  • XioSpark/lib/7za/x64/7zxa.dll
    .dll windows:4 windows x64 arch:x64

    aca74ba801aaf3b47c3daa7d7e22a9db



  • XioSpark/lib/7za/x86/7za.dll
    .dll windows:4 windows x86 arch:x86

    cb36a1cf1dc11c2231c4415295a85d2f



  • XioSpark/lib/7za/x86/7za.exe
    .exe windows:4 windows x86 arch:x86

    1a9deef54b6b9763013f742bee84d533



  • XioSpark/lib/7za/x86/7zxa.dll
    .dll windows:4 windows x86 arch:x86

    b56c6d8dc50f73376215a3b3ddce91c0



  • XioSpark/lib/OpenFileBox.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • XioSpark/lib/SaveFileBox.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • XioSpark/lib/backgrounds/background-1.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-10.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-11.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-12.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-2.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-3.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-4.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-5.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-6.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-7.jpg
    .jpg
  • XioSpark/lib/backgrounds/background-8.jpg
    .jpg .ps1 polyglot
  • XioSpark/lib/backgrounds/background-9.jpg
    .jpg
  • XioSpark/lib/binread/x64/binread.exe
    .exe windows:4 windows x64 arch:x64

    94e41874fd27bb9cd79133e7f21b03b3



  • XioSpark/lib/binread/x86/binread.exe
    .exe windows:4 windows x86 arch:x86

    7ab5906e263541420d9860e0e5264a71



  • XioSpark/lib/bookmarks_parser.exe
    .exe windows:5 windows x86 arch:x86

    22604f514dda14fc9e9e932cbc54e1b0



  • bookmarks_parser.pyc
  • XioSpark/lib/cmdbkg.exe
    .exe windows:4 windows x86 arch:x86

    ef8cd7f18a9b59b15033fbc2e15348e2



  • XioSpark/lib/cmdwiz.exe
    .exe windows:4 windows x86 arch:x86

    358255d310d10c44d53b3032e06b8b63



  • XioSpark/lib/curl/649dbf9f33c5d460c17f1ec2.zip
    .zip
  • XioSpark/lib/curl/64cba316b25df8732eebc402.zip
    .zip
  • XioSpark/lib/curl/6516c8018b6aa566ae723220.zip
    .zip
  • XioSpark/lib/curl/7za/x64/7za.dll
    .dll windows:4 windows x64 arch:x64

    22ca0a9fa52636be630f15cf36ce68e9



  • XioSpark/lib/curl/7za/x64/7za.exe
    .exe windows:4 windows x64 arch:x64

    7232d06dc00920698f0cad2452012553



  • XioSpark/lib/curl/7za/x64/7zxa.dll
    .dll windows:4 windows x64 arch:x64

    aca74ba801aaf3b47c3daa7d7e22a9db



  • XioSpark/lib/curl/7za/x86/7za.dll
    .dll windows:4 windows x86 arch:x86

    cb36a1cf1dc11c2231c4415295a85d2f



  • XioSpark/lib/curl/7za/x86/7za.exe
    .exe windows:4 windows x86 arch:x86

    1a9deef54b6b9763013f742bee84d533



  • XioSpark/lib/curl/7za/x86/7zxa.dll
    .dll windows:4 windows x86 arch:x86

    b56c6d8dc50f73376215a3b3ddce91c0



  • XioSpark/lib/curl/OpenFileBox.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • XioSpark/lib/curl/SaveFileBox.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • XioSpark/lib/curl/backgrounds/background-1.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-10.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-11.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-12.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-2.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-3.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-4.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-5.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-6.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-7.jpg
    .jpg
  • XioSpark/lib/curl/backgrounds/background-8.jpg
    .jpg .ps1 polyglot
  • XioSpark/lib/curl/backgrounds/background-9.jpg
    .jpg
  • XioSpark/lib/curl/binread/x64/binread.exe
    .exe windows:4 windows x64 arch:x64

    94e41874fd27bb9cd79133e7f21b03b3



  • XioSpark/lib/curl/binread/x86/binread.exe
    .exe windows:4 windows x86 arch:x86

    7ab5906e263541420d9860e0e5264a71



  • XioSpark/lib/curl/bookmarks_parser.exe
    .exe windows:5 windows x86 arch:x86

    22604f514dda14fc9e9e932cbc54e1b0



  • bookmarks_parser.pyc
  • XioSpark/lib/curl/cmdbkg.exe
    .exe windows:4 windows x86 arch:x86

    ef8cd7f18a9b59b15033fbc2e15348e2



  • XioSpark/lib/curl/cmdwiz.exe
    .exe windows:4 windows x86 arch:x86

    358255d310d10c44d53b3032e06b8b63



  • XioSpark/lib/curl/curl/x64/curl.exe
    .exe windows:4 windows x64 arch:x64

    4cfce998a3d48ef31b71ac123f68c0ae


    Code Sign


  • XioSpark/lib/curl/curl/x86/curl.exe
    .exe windows:4 windows x86 arch:x86

    b53be2138b8b846f28314270895351c4


    Code Sign


  • XioSpark/lib/curl/speak/EN.lang
  • XioSpark/lib/curl/speak/FR.lang
  • XioSpark/lib/curl/speak/extd.exe
    .exe windows:4 windows x86 arch:x86



  • XioSpark/lib/curl/speak/x64/speak-x64.exe
    .exe windows:4 windows x64 arch:x64



  • XioSpark/lib/curl/speak/x86/speak-x86.exe
    .exe windows:4 windows x86 arch:x86



  • XioSpark/lib/curl/x64/curl.exe
    .exe windows:4 windows x64 arch:x64

    4cfce998a3d48ef31b71ac123f68c0ae


    Code Sign


  • XioSpark/lib/curl/x86/curl.exe
    .exe windows:4 windows x86 arch:x86

    b53be2138b8b846f28314270895351c4


    Code Sign


  • XioSpark/lib/speak/649dbf9f33c5d460c17f1ec2.zip
    .zip
  • XioSpark/lib/speak/64cba316b25df8732eebc402.zip
    .zip
  • XioSpark/lib/speak/6516c8018b6aa566ae723220.zip
    .zip
  • XioSpark/lib/speak/7za/x64/7za.dll
    .dll windows:4 windows x64 arch:x64

    22ca0a9fa52636be630f15cf36ce68e9



  • XioSpark/lib/speak/7za/x64/7za.exe
    .exe windows:4 windows x64 arch:x64

    7232d06dc00920698f0cad2452012553



  • XioSpark/lib/speak/7za/x64/7zxa.dll
    .dll windows:4 windows x64 arch:x64

    aca74ba801aaf3b47c3daa7d7e22a9db



  • XioSpark/lib/speak/7za/x86/7za.dll
    .dll windows:4 windows x86 arch:x86

    cb36a1cf1dc11c2231c4415295a85d2f



  • XioSpark/lib/speak/7za/x86/7za.exe
    .exe windows:4 windows x86 arch:x86

    1a9deef54b6b9763013f742bee84d533



  • XioSpark/lib/speak/7za/x86/7zxa.dll
    .dll windows:4 windows x86 arch:x86

    b56c6d8dc50f73376215a3b3ddce91c0



  • XioSpark/lib/speak/EN.lang
  • XioSpark/lib/speak/FR.lang
  • XioSpark/lib/speak/OpenFileBox.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • XioSpark/lib/speak/SaveFileBox.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • XioSpark/lib/speak/backgrounds/background-1.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-10.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-11.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-12.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-2.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-3.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-4.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-5.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-6.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-7.jpg
    .jpg
  • XioSpark/lib/speak/backgrounds/background-8.jpg
    .jpg .ps1 polyglot
  • XioSpark/lib/speak/backgrounds/background-9.jpg
    .jpg
  • XioSpark/lib/speak/binread/x64/binread.exe
    .exe windows:4 windows x64 arch:x64

    94e41874fd27bb9cd79133e7f21b03b3



  • XioSpark/lib/speak/binread/x86/binread.exe
    .exe windows:4 windows x86 arch:x86

    7ab5906e263541420d9860e0e5264a71



  • XioSpark/lib/speak/bookmarks_parser.exe
    .exe windows:5 windows x86 arch:x86

    22604f514dda14fc9e9e932cbc54e1b0



  • XioSpark/lib/speak/cmdbkg.exe
    .exe windows:4 windows x86 arch:x86

    ef8cd7f18a9b59b15033fbc2e15348e2



  • XioSpark/lib/speak/cmdwiz.exe
    .exe windows:4 windows x86 arch:x86

    358255d310d10c44d53b3032e06b8b63



  • XioSpark/lib/speak/curl/x64/curl.exe
    .exe windows:4 windows x64 arch:x64

    4cfce998a3d48ef31b71ac123f68c0ae


    Code Sign


  • XioSpark/lib/speak/curl/x86/curl.exe
    .exe windows:4 windows x86 arch:x86

    b53be2138b8b846f28314270895351c4


    Code Sign


  • XioSpark/lib/speak/extd.exe
    .exe windows:4 windows x86 arch:x86



  • XioSpark/lib/speak/speak/EN.lang
  • XioSpark/lib/speak/speak/FR.lang
  • XioSpark/lib/speak/speak/extd.exe
    .exe windows:4 windows x86 arch:x86



  • XioSpark/lib/speak/speak/x64/speak-x64.exe
    .exe windows:4 windows x64 arch:x64



  • XioSpark/lib/speak/speak/x86/speak-x86.exe
    .exe windows:4 windows x86 arch:x86



  • XioSpark/lib/speak/x64/speak-x64.exe
    .exe windows:4 windows x64 arch:x64



  • XioSpark/lib/speak/x86/speak-x86.exe
    .exe windows:4 windows x86 arch:x86



  • XioSpark/ИНСТРУКЦИЯ.txt