Analysis
-
max time kernel
417s -
max time network
429s -
platform
windows10-2004_x64 -
resource
win10v2004-20250129-it -
resource tags
-
submitted
31-01-2025 17:01
General
-
Target
XWorm-5.6.rar
-
Size
21.5MB
-
MD5
4f57637d0aa8ed0d3055802c3a90a58d
-
SHA1
c8b298c0edea336ee4710a3c1da5cc7bce7467cf
-
SHA256
987af5ed785a0c412b8c4f829df902e82e62e21917aa7abdcc0d825b4a463c67
-
SHA512
5d7fae098076531f1af3447d03cfc1909cdc00cd3757132bee7d8ccb1b84d1e57d1c11066afa70c2d102fbcc5233a7e43c2ff017dc67a2cf7591a923032d54f7
-
SSDEEP
393216:D+N2F6y80fxdY24Xhf7QUECurlXcphU4SwUKidjxOfvP5AXyaLe39neZ:D+Nj6x+TlEUEhIXSwUbdF6pEyJ3UZ
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\XWorm-5.6.rar"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow