Analysis

  • max time kernel
    125s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    05-09-2024 09:05

General

  • Target

    xman_1_windows_amd64/xmanc.exe

  • Size

    14.2MB

  • MD5

    8b8267166ea8ac6b1de3fef9f25b270b

  • SHA1

    37357da1a0fa3071ff1ebe2129fd25191f8c9bc0

  • SHA256

    df481061163b6b6e0a77794bae453825c6e0b2d4e019463c98c7acd805235efc

  • SHA512

    b8f7542fdf5efea83ffe19a44a1e09e8c8ae69b9117e2b8718ed70fa4a1f473e3a71ee004cd7907c7135d36a1ca304548dd972a37dc2a0d1415cddfab25657ae

  • SSDEEP

    98304:wDTgZeKFheLWHEh+DDXGE0b3GE8E/HmU6Ln2o5d4pN6wiPRXgrWSAiJk:w8eLWHECC8Evi1RAAi

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\xman_1_windows_amd64\xmanc.exe
    "C:\Users\Admin\AppData\Local\Temp\xman_1_windows_amd64\xmanc.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:4420
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3032,i,11251706013556949551,5157034131170452377,262144 --variations-seed-version --mojo-platform-channel-handle=4440 /prefetch:8
    1⤵
      PID:3724

    Network

    MITRE ATT&CK Matrix
