Overview

overview

10

Static

static

10

1524-4-0x0...ry.exe

windows7-x64

1524-4-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1524-4-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • Sample

    240508-sx43aadf77

  • MD5

    d21d3d1cfac3c2c3cb5aa855e0575ddd

  • SHA1

    28a77045d182b7a55224b00cfc0c2ce2caaa60e6

  • SHA256

    b04c91c8b5c9f383c47898ec419586e9f6239aed49edfcbc3fed5231d3e42c6c

  • SHA512

    3a5bc07830a24568495157a538f502bb8826337bac43a59db09d73bf64ef61742cba66ea505b55c552d4ceba4ffbe439da20c00f6d399bd125d3f2ed40bf030e

  • SSDEEP

    768:OSisJmceOoOD7vcgspLfFpyT7QHbtm+nkyqnN+8N8:osJmfOlD7kXprj4QHbtjkH4U8

Score
10/10
xenorat

Malware Config

Extracted

Family

xenorat

C2

dns.requimacofradian.site

Mutex

Xeno_rat_nd8828g

Attributes
  • delay

    60000

  • install_path

    appdata

  • port

    1253

  • startup_name

    dic

Targets

    • Target

      1524-4-0x0000000000400000-0x0000000000412000-memory.dmp

    • Size

      72KB

    • MD5

      d21d3d1cfac3c2c3cb5aa855e0575ddd

    • SHA1

      28a77045d182b7a55224b00cfc0c2ce2caaa60e6

    • SHA256

      b04c91c8b5c9f383c47898ec419586e9f6239aed49edfcbc3fed5231d3e42c6c

    • SHA512

      3a5bc07830a24568495157a538f502bb8826337bac43a59db09d73bf64ef61742cba66ea505b55c552d4ceba4ffbe439da20c00f6d399bd125d3f2ed40bf030e

    • SSDEEP

      768:OSisJmceOoOD7vcgspLfFpyT7QHbtm+nkyqnN+8N8:osJmfOlD7kXprj4QHbtjkH4U8

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks