General

  • Target

    LunarRO_EXEC.exe

  • Size

    96KB

  • MD5

    750660c4115082f310530b6edaee6646

  • SHA1

    fcb00e8256e7978e4e4690cd8e44fec66c423f2a

  • SHA256

    12cc22d6b7041f8698d8000327c170aba486bd4aee9ef31f204a379ec7968fa5

  • SHA512

    e5ce9e3b97624474a58cc0f47e414516479f936c45873aadb38bf23a3d0576a2590d9e1b17f248c5423bb661f48b7bb3210f545a982d3fc8575c7001e63c1ddd

  • SSDEEP

    1536:Ww+jjgneye9H9XqcnW85SbTPWI3ehk/oA2MLc4bJnIkX8xOFZU3p2Nn0:Ww+jqeyeF91UbTP8VEc4CksyZU3gNn0

Score
10/10

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

LunarRO_EXEC

Attributes
  • delay

    5000

  • install_path

    temp

  • port

    4444

  • startup_name

    Microsoft File Updater

Signatures

  • Xenorat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • LunarRO_EXEC.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


