General

  • Target: Xeno Logger.V6.exe
  • Size: 79.8MB
  • Sample: 230913-v6dmssge24
  • MD5: 7b60bc077e6c7997cc634d96dcd7e71d
  • SHA1: bd9077f0bebd3f276adefeb8ac52b4ad7a9e9b46
  • SHA256: 867099e9cfd72f22d07a5faf4c82416c959f236a1392ad1f16a1ddcfcf9895d9
  • SHA512: 8f1343e5d90bccdefda2a7948b171ee82692fe511f39a501fd37730b216837f21cd71af6d07ef770c4b732ec6132c3f568a0b65e842eea4ac214e842c6b66d43
  • SSDEEP: 1572864:zjQNuiEjtgWGSiQtWWc2Mp6SbBirAH8+1osuTCSxOB6xMbWoVt7hWHzrU:zjX3yWGSi0lc2gnbBS6xjKcBaOXVtlWU

Malware Config

Targets

    • Target: Xeno Logger.V6.exe
    • Size: 79.8MB
    • MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General above

    Score: 9/10

    • Enumerates VirtualBox DLL files
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.
    • Adds Run key to start application

    • Target: source_prepared.pyc
    • Size: 103KB
    • MD5: 89898ed9e83b52f1d5e4162bb0b73114
    • SHA1: 95094c30786065e0ce9be2793e7e23addf6b455f
    • SHA256: 7fd5825cb73b84fb94508101625cfcaf1f9c682d66cb1f34646c94e06fe8de97
    • SHA512: 8e03205b43be6d33fd4ec8ff3c583a35abd10ae94b24933f15fb84db3f08984d67b874e1a26ffae82bbcb473d0e407c4bca8b605c26585e190897c3b6c6282f2
    • SSDEEP: 1536:/LadgbKGKOQ0ydBBqQocsPECAteBaHwV5M6dvXtiI:/Laq2GXQRho5PEtesHOX/tiI

    Score: 3/10
