Overview

overview

10

Static

static

10

XWorm V5.6...io.dll

windows7-x64

1

XWorm V5.6...io.dll

windows10-2004-x64

1

XWorm V5.6...on.dll

windows7-x64

1

XWorm V5.6...on.dll

windows10-2004-x64

1

XWorm V5.6...ws.dll

windows7-x64

1

XWorm V5.6...ws.dll

windows10-2004-x64

1

XWorm V5.6...at.dll

windows7-x64

1

XWorm V5.6...at.dll

windows10-2004-x64

1

XWorm V5.6...um.dll

windows7-x64

1

XWorm V5.6...um.dll

windows10-2004-x64

1

XWorm V5.6...rd.dll

windows7-x64

1

XWorm V5.6...rd.dll

windows10-2004-x64

1

XWorm V5.6...ss.dll

windows7-x64

1

XWorm V5.6...ss.dll

windows10-2004-x64

1

XWorm V5.6...er.dll

windows7-x64

1

XWorm V5.6...er.dll

windows10-2004-x64

1

XWorm V5.6...er.dll

windows7-x64

1

XWorm V5.6...er.dll

windows10-2004-x64

1

XWorm V5.6...er.dll

windows7-x64

1

XWorm V5.6...er.dll

windows10-2004-x64

1

XWorm V5.6...DP.dll

windows7-x64

1

XWorm V5.6...DP.dll

windows10-2004-x64

1

XWorm V5.6...NC.dll

windows7-x64

1

XWorm V5.6...NC.dll

windows10-2004-x64

1

XWorm V5.6...ry.dll

windows7-x64

1

XWorm V5.6...ry.dll

windows10-2004-x64

1

XWorm V5.6...ps.dll

windows7-x64

1

XWorm V5.6...ps.dll

windows10-2004-x64

1

XWorm V5.6...ns.dll

windows7-x64

1

XWorm V5.6...ns.dll

windows10-2004-x64

1

XWorm V5.6...er.dll

windows7-x64

1

XWorm V5.6...er.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    02-07-2024 15:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XWorm V5.6/XWorm V5.6/Plugins/Chromium.dll

  • Size

    32KB

  • MD5

    edb2f0d0eb08dcd78b3ddf87a847de01

  • SHA1

    cc23d101f917cad3664f8c1fa0788a89e03a669c

  • SHA256

    b6d8bccdf123ceac6b9642ad3500d4e0b3d30b9c9dd2d29499d38c02bd8f9982

  • SHA512

    8f87da834649a21a908c95a9ea8e2d94726bd9f33d4b7786348f6371dfae983cc2b5b5d4f80a17a60ded17d4eb71771ec25a7c82e4f3a90273c46c8ee3b8f2c3

  • SSDEEP

    768:6SyQlmUmBlEu0FXfjq2sgDrLjfcVJ5sN9aWdMIxbKhJ+GEq3ZsL5f62:3yQltmBlmFXfjq2sgDrLjfcVJ5sNkQOa

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 11 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 37 IoCs
  • Suspicious use of SendNotifyMessage 37 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\XWorm V5.6\XWorm V5.6\Plugins\Chromium.dll",#1
    1⤵
      PID:2284
    • C:\Windows\system32\taskmgr.exe
      "C:\Windows\system32\taskmgr.exe" /4
      1⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      PID:2376

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2376-0-0x0000000140000000-0x00000001405E8000-memory.dmp
      Filesize

      5.9MB

      Download