Resubmissions

27-10-2024 12:55

241027-p5s37svqdp 10

31-05-2024 23:08

240531-24wtxshg26 10

31-05-2024 23:06

240531-23da7agh4s 10

31-05-2024 23:03

240531-21s9magg7x 10

General

  • Target

    client.exe

  • Size

    45KB

  • Sample

    240531-23da7agh4s

  • MD5

    1acd506e251f840ff4aebd32401a68ab

  • SHA1

    38ce2a41d59a1bf0f3332fb867f43794c39577af

  • SHA256

    b55e1e8555367114aff90727da651e37d8662a2678041b8f50f19fd8a397f984

  • SHA512

    26c74ecb9a20848f0b6bf9a1b9b0ccbc67d1b281337d50bafdf93382f1bf4f89f19669e5a278df8ff032092ede9597d0142b8e2718b0e7bbb034c3e78b84c5c4

  • SSDEEP

    768:wdhO/poiiUcjlJInKTH9Xqk5nWEZ5SbTDaSuI7CPW5k:iw+jjgn8H9XqcnW85SbTvuIM

Score
10/10

Malware Config

Extracted

Family

xenorat

C2

people-weekend.gl.at.ply.gg

Mutex

somerandomvalue

Attributes
  • install_path

    appdata

  • port

    5719

  • startup_name

    Console

Targets

    • Target

      client.exe

    • Size

      45KB

    • MD5

      1acd506e251f840ff4aebd32401a68ab

    • SHA1

      38ce2a41d59a1bf0f3332fb867f43794c39577af

    • SHA256

      b55e1e8555367114aff90727da651e37d8662a2678041b8f50f19fd8a397f984

    • SHA512

      26c74ecb9a20848f0b6bf9a1b9b0ccbc67d1b281337d50bafdf93382f1bf4f89f19669e5a278df8ff032092ede9597d0142b8e2718b0e7bbb034c3e78b84c5c4

    • SSDEEP

      768:wdhO/poiiUcjlJInKTH9Xqk5nWEZ5SbTDaSuI7CPW5k:iw+jjgn8H9XqcnW85SbTvuIM

    Score
    10/10
    • XenorRat

      XenorRat is a remote access trojan written in C#.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks