Overview

overview

10

Static

static

10

XPloit.zip

windows7-x64

10

XPloit.zip

windows10-2004-x64

1

Resubmissions

21-12-2024 17:42

241221-v9y3xavlaz 10

20-12-2024 23:19

241220-3bbtqawpat 10

20-12-2024 19:29

241220-x7fjwssqdm 10

Analysis

  • max time kernel
    428s
  • max time network
    430s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-12-2024 19:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XPloit.zip

  • Size

    23.9MB

  • MD5

    df5931935ffe284ca5b40791607e7a4c

  • SHA1

    262399853d05ece01f740d1e820aa892b065b1bd

  • SHA256

    3d6bc3c0247c2b4f87282da002475ac068b5b6cac948743f697832a9a4a4c6de

  • SHA512

    38ac5f801f73714c840e16c8513b3c4f2d29815f042585a61c06830a76c1cae0e7e295241be686ae2d5f4bd19503ee9e69dadd611b1389d6ea9018553df785f7

  • SSDEEP

    393216:OH+kig1whmEJ+oUAgHRsP56jvR3vJ0RPaati4b8sVNSCoOYhkhalpMJpQl+25+:sB1w/J+oUANMj53vOxavKxoqhMgpw+

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\XPloit.zip"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2992

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads