General
-
Target
2340-6-0x0000000000400000-0x0000000000412000-memory.dmp
-
Size
72KB
-
MD5
9da6f343705474df4d105a5db8fb5a7e
-
SHA1
0047fe861cf6574abe86112843a85e3d500b4340
-
SHA256
37bed6fc3a92c72c8ef2e1411bc771a4812a15d267802f538a0bd00a921337bb
-
SHA512
82d727184a131f0ed50b836d4a848855b890146b913246def76296de451219120b1f088f570aab614a8b462811bc7c7bb17b3b6bcc6a746e82899a7c5df1becb
-
SSDEEP
768:+SisJmceOokD7vcgspLfFpyT7QHbtm+tkyqnN+8NG:YsJmfOzD7kXprj4QHbtZkH4UG
Score
10/10
Malware Config
Extracted
Family
xenorat
C2
dns.requimacofradian.site
Mutex
Xeno_rat_nd8818g
Attributes
-
delay
60000
-
install_path
appdata
-
port
1243
-
startup_name
uic
Signatures
-
Xenorat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2340-6-0x0000000000400000-0x0000000000412000-memory.dmp
Headers
Sections