General
Target: skididbop.exe
Size: 45KB
Sample: 240523-x4n2vsdc59
MD5: 3c8c937572ec914fcec514388198512c
SHA1: 45b51ee6aa6eaa491dde2e536ccfeb93f13519a4
SHA256: dd4b30cd3c1ed3b6ff0952f5aa9e14a334a4bd11a09cdc7ab37aa45cfd739328
SHA512: 0303eb186bf0b388b23a359992386da1b4f65988655590717bc37ac6860a2529eae575ee0d03245b94c1e6c68cea5731ce46dfe2f373bb856cb43a874edbf6e6
SSDEEP: 768:6dhO/poiiUcjlJInVFH9Xqk5nWEZ5SbTDa/WI7CPW5N:cw+jjgnrH9XqcnW85SbTWWIF
Behavioral task
behavioral1
Sample: skididbop.exe
Resource: win7-20240419-en
Malware Config
Extracted
xenorat
45.88.186.12
2
install_path: appdata
port: 5050
startup_name: svchost
Targets
Target: skididbop.exe
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL