Overview

overview

10

Static

static

10

2340-6-0x0...ry.exe

windows7-x64

2340-6-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2340-6-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • MD5

    9da6f343705474df4d105a5db8fb5a7e

  • SHA1

    0047fe861cf6574abe86112843a85e3d500b4340

  • SHA256

    37bed6fc3a92c72c8ef2e1411bc771a4812a15d267802f538a0bd00a921337bb

  • SHA512

    82d727184a131f0ed50b836d4a848855b890146b913246def76296de451219120b1f088f570aab614a8b462811bc7c7bb17b3b6bcc6a746e82899a7c5df1becb

  • SSDEEP

    768:+SisJmceOokD7vcgspLfFpyT7QHbtm+tkyqnN+8NG:YsJmfOzD7kXprj4QHbtZkH4UG

Score
10/10
xenorat

Malware Config

Extracted

Family

xenorat

C2

dns.requimacofradian.site

Mutex

Xeno_rat_nd8818g

Attributes
  • delay

    60000

  • install_path

    appdata

  • port

    1243

  • startup_name

    uic

Signatures

  • Xenorat family
    xenorat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2340-6-0x0000000000400000-0x0000000000412000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections