Overview

overview

5

Static

static

3

X48 Loader...spv.sh

windows10-2004-x64

3

X48 Loader...spv.sh

windows11-21h2-x64

3

X48 Loader...GX.exe

windows10-2004-x64

1

X48 Loader...GX.exe

windows11-21h2-x64

1

X48 Loader...ng.exe

windows10-2004-x64

5

X48 Loader...ng.exe

windows11-21h2-x64

5

Analysis

  • max time kernel
    417s
  • max time network
    1137s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    14/09/2024, 10:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    X48 Loader/examples/example_win32_directx11/Release/vxlang/vxlang.exe

  • Size

    4.8MB

  • MD5

    88ed3d139eb7ae96ec10b3a06c3be6ea

  • SHA1

    c6de0474d982f6d12670f9cbc71f05420d023e9a

  • SHA256

    b8481fa65ca9bc716357a1fa0e23a930277d2e070b7b8aa1cd6d2e771ea467f5

  • SHA512

    0d69d07deb6fd0770fe5e718940a88609635fe31594c127e75d51a942061cfc2c3defb325b34c4f01aa150764694cdf2671967759402f9e49fd56fbee52716ec

  • SSDEEP

    98304:a72PUKPzu3MEVmpMMg9gmL+2Pp86gkLTDUU:jPUjMtEgmLM6gkvD3

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\X48 Loader\examples\example_win32_directx11\Release\vxlang\vxlang.exe
    "C:\Users\Admin\AppData\Local\Temp\X48 Loader\examples\example_win32_directx11\Release\vxlang\vxlang.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2300

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2300-0-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-1-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-2-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-4-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-8-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-9-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-7-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-10-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-13-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-14-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download

        • memory/2300-16-0x00007FF6D64F0000-0x00007FF6D7185000-memory.dmp

          Filesize

          12.6MB

          Download