General
-
Target
eulenbet.exe
-
Size
181KB
-
MD5
c4041e19c6b52778b1885e109e15127b
-
SHA1
adf0226f2014540fa230e7c24afca0732fbb02ec
-
SHA256
295a87700cdc0f4e493fbf4be933bd390a5dc0b0ee7ef50f78715b946a505579
-
SHA512
50f4e5fc0a3b2331edb4da18d9f5d5c9249c63912311b7d4d5808df0d473fb0c4f0ad0be148abfd97e01f647e28b8c49efa555dd58d206f778030e1c62996dd3
-
SSDEEP
1536:bxw+jjgnCH9XqcnW85SbTeWI30n+iQpXIJUuzDSZeit22i8PwQBVD39M0h:bxw+jq891UbTe64uzDSEG2dCBVDtMu
Score
10/10
Malware Config
Extracted
Family
xenorat
C2
character-acquisitions.gl.at.ply.gg
Mutex
Xeno_rat_nd8912d
Attributes
-
delay
5000
-
install_path
appdata
-
port
36301
-
startup_name
explorers
Signatures
-
Xenorat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
eulenbet.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections