Overview
overview
3Static
static
3cxapis.zip
windows7-x64
1cxapis.zip
windows10-2004-x64
1cxapis.sln
windows7-x64
3cxapis.sln
windows10-2004-x64
3cxapis/Api.js
windows7-x64
3cxapis/Api.js
windows10-2004-x64
3cxapis/Pro...nfo.cs
windows7-x64
3cxapis/Pro...nfo.cs
windows10-2004-x64
3cxapis/bin...is.dll
windows7-x64
1cxapis/bin...is.dll
windows10-2004-x64
1cxapis/bin...is.pdb
windows7-x64
3cxapis/bin...is.pdb
windows10-2004-x64
3cxapis/cxapis.csproj
windows7-x64
3cxapis/cxapis.csproj
windows10-2004-x64
3cxapis/obj...tes.cs
windows7-x64
1cxapis/obj...tes.cs
windows10-2004-x64
1cxapis/obj...tes.cs
windows7-x64
1cxapis/obj...tes.cs
windows10-2004-x64
1cxapis/obj....cache
windows7-x64
3cxapis/obj....cache
windows10-2004-x64
3cxapis/obj....cache
windows7-x64
3cxapis/obj....cache
windows10-2004-x64
3cxapis/obj....cache
windows7-x64
3cxapis/obj....cache
windows10-2004-x64
3cxapis/obj....cache
windows7-x64
3cxapis/obj....cache
windows10-2004-x64
3cxapis/obj...te.txt
windows7-x64
1cxapis/obj...te.txt
windows10-2004-x64
1cxapis/obj...is.dll
windows7-x64
1cxapis/obj...is.dll
windows10-2004-x64
1cxapis/obj...is.pdb
windows7-x64
3cxapis/obj...is.pdb
windows10-2004-x64
3Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
19/11/2024, 13:17
Static task
static1
Behavioral task
behavioral1
Sample
cxapis.zip
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral2
Sample
cxapis.zip
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
cxapis.sln
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral4
Sample
cxapis.sln
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
cxapis/Api.js
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral6
Sample
cxapis/Api.js
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
cxapis/Properties/AssemblyInfo.cs
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral8
Sample
cxapis/Properties/AssemblyInfo.cs
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
cxapis/bin/Debug/cxapis.dll
Resource
win7-20241023-en
windows7-x64
Behavioral task
behavioral10
Sample
cxapis/bin/Debug/cxapis.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
cxapis/bin/Debug/cxapis.pdb
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral12
Sample
cxapis/bin/Debug/cxapis.pdb
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
cxapis/cxapis.csproj
Resource
win7-20240729-en
windows7-x64
Behavioral task
behavioral14
Sample
cxapis/cxapis.csproj
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
cxapis/obj/Debug/.NETFramework,Version=v4.7.2.AssemblyAttributes.cs
Resource
win7-20241010-en
windows7-x64
Behavioral task
behavioral16
Sample
cxapis/obj/Debug/.NETFramework,Version=v4.7.2.AssemblyAttributes.cs
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
cxapis/obj/Debug/.NETFramework,Version=v4.8.AssemblyAttributes.cs
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral18
Sample
cxapis/obj/Debug/.NETFramework,Version=v4.8.AssemblyAttributes.cs
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
cxapis/obj/Debug/DesignTimeResolveAssemblyReferences.cache
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral20
Sample
cxapis/obj/Debug/DesignTimeResolveAssemblyReferences.cache
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
cxapis/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
Resource
win7-20241023-en
windows7-x64
Behavioral task
behavioral22
Sample
cxapis/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
cxapis/obj/Debug/cxapis.csproj.AssemblyReference.cache
Resource
win7-20241010-en
windows7-x64
Behavioral task
behavioral24
Sample
cxapis/obj/Debug/cxapis.csproj.AssemblyReference.cache
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
cxapis/obj/Debug/cxapis.csproj.CoreCompileInputs.cache
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral26
Sample
cxapis/obj/Debug/cxapis.csproj.CoreCompileInputs.cache
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
cxapis/obj/Debug/cxapis.csproj.FileListAbsolute.txt
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral28
Sample
cxapis/obj/Debug/cxapis.csproj.FileListAbsolute.txt
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
cxapis/obj/Debug/cxapis.dll
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral30
Sample
cxapis/obj/Debug/cxapis.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
cxapis/obj/Debug/cxapis.pdb
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral32
Sample
cxapis/obj/Debug/cxapis.pdb
Resource
win10v2004-20241007-en
windows10-2004-x64
General
-
Target
cxapis.zip
-
Size
61KB
-
MD5
8ace335a57692d5222c3fdfe4fbfe0d4
-
SHA1
eae666a88393736eae167a245301bdcc987f9492
-
SHA256
0936025bfb10327389e11fb5fe745b9b4056d6e8939b1271750b9322792dff92
-
SHA512
f2465017b8035b27950f42dfab7cda2b0d1f706ba06a3ffa5457ed1a37d1eefe9ec3747cf478dd424ac0ddad92a118c973d17d11cd2eeabcbd3fcf269da623be
-
SSDEEP
1536:ORQ+hI60GtEOIKB66+hI60mtEOIKv44lbmBME410Utqyeq3d:ORjf0Ga5KB4f0ma5KQ2aiEW0Lxqt
Malware Config
Signatures
-
Modifies registry class 1 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_Classes\Local Settings 7zFM.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1868 7zFM.exe -
Suspicious use of AdjustPrivilegeToken 3 IoCs
description pid Process Token: SeRestorePrivilege 1868 7zFM.exe Token: 35 1868 7zFM.exe Token: SeSecurityPrivilege 1868 7zFM.exe -
Suspicious use of FindShellTrayWindow 2 IoCs
pid Process 1868 7zFM.exe 1868 7zFM.exe