Analysis
-
max time kernel
1150s -
max time network
1163s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
02-12-2024 20:30
General
-
Target
XWorm V5.6 MRX-HACKING.zip
-
Size
24.5MB
-
MD5
8c669d04127b06dfe21d92cf9805fe06
-
SHA1
e6fd595f5008dabde38ad1dbaa3b4013c97147d2
-
SHA256
e96def1b78cb5b3cade321ae41b9a8742d374a98f9d645926ee614954b264aa4
-
SHA512
15e195831a237da6b7fd559816717d4289ae45c4c44ac5f3b9508eab0326d602eb1c4a8db118c95adc82281c035c0eccb408b8a90a82b74424d3cd74c22fa29c
-
SSDEEP
393216:pya4qRXFeuBc9Q+FjKQ4NmA9LCUjD7kjkJ4AKbyabd8AXo50Ko+Y2ToxYE:pyeRXDBYQwOQiDkjmKl9o5Ho+G
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\XWorm V5.6 MRX-HACKING.zip"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow