Resubmissions
11-11-2024 18:26
241111-w3hm1ssmd1 1011-11-2024 17:59
241111-wk5ptstamb 1011-11-2024 00:19
241111-al9vaaxnev 10Analysis
-
max time kernel
838s -
max time network
842s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
11-11-2024 17:59
Behavioral task
behavioral1
Sample
XWorm V5.6.zip
Resource
win7-20240903-en
windows7-x64
3 signatures
1800 seconds
Behavioral task
behavioral2
Sample
XWorm V5.6.zip
Resource
win10v2004-20241007-en
windows10-2004-x64
29 signatures
1800 seconds
General
-
Target
XWorm V5.6.zip
-
Size
24.5MB
-
MD5
27065dd8016564f65a5444d70a9daad1
-
SHA1
1be1151330b7b0f12c486e9e36a1fa682adcac50
-
SHA256
7c62a831647b0234a097ff94b160e0534d7c465d7bbd6fca8953c951a55157cf
-
SHA512
fcf41ba034133fcb7f91936fb16a6b59503a9016a78079c61fd692edec24a7e3daadf8ae2459d36ecd6c72dff9f8835355ea8cc7d20455d3e0922d74f7337435
-
SSDEEP
393216:VyavqxXFeuBc9Q+Fdt6ieJS9xCZGb7kjjJ6AKbKrbdcjXo50Ko+Y2ToxYv:Vy5xXDBYQwn63qkjBKego5Ho+R
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2380 7zFM.exe -
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: SeRestorePrivilege 2380 7zFM.exe Token: 35 2380 7zFM.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2380 7zFM.exe