Overview

overview

7

Static

static

3

XONELauncher.exe

windows10-1703-x64

7

XONELauncher.exe

windows7-x64

7

XONELauncher.exe

windows10-2004-x64

7

XONELauncher.exe

windows11-21h2-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    XONELauncher.exe

  • Size

    510KB

  • Sample

    240511-lpedbsbd6x

  • MD5

    0ed4e0764b8acdc4b7d11e4a1506575a

  • SHA1

    1f20519e4a7716239da265696c815e2d76dae033

  • SHA256

    4f3d3cefe0e1e946aa00d23f4d23c9c9f4d59b0f2728446d9c29dd12a4e88bd9

  • SHA512

    c5a099c4b2f3335bc441b57c4bd6bb3e16f8e895fcae17f553fffc1a34458982069090babbe45d104d57175ad32796c8e22f50f59143060df7a32f628b334390

  • SSDEEP

    3072:63kdTXHpVjSOupBoxJ0u0+ssa6oL9YORen2909vKK9kvDFwsH5CewvoDt41JMabv:TpVjSO0BsdLop5eX9vKliA5VkoDZao

Score
7/10
persistence

Malware Config

Targets

    • Target

      XONELauncher.exe

    • Size

      510KB

    • MD5

      0ed4e0764b8acdc4b7d11e4a1506575a

    • SHA1

      1f20519e4a7716239da265696c815e2d76dae033

    • SHA256

      4f3d3cefe0e1e946aa00d23f4d23c9c9f4d59b0f2728446d9c29dd12a4e88bd9

    • SHA512

      c5a099c4b2f3335bc441b57c4bd6bb3e16f8e895fcae17f553fffc1a34458982069090babbe45d104d57175ad32796c8e22f50f59143060df7a32f628b334390

    • SSDEEP

      3072:63kdTXHpVjSOupBoxJ0u0+ssa6oL9YORen2909vKK9kvDFwsH5CewvoDt41JMabv:TpVjSO0BsdLop5eX9vKliA5VkoDZao

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks