Resubmissions

08-06-2024 04:31

240608-e5hmcshh95 10

02-06-2024 08:52

240602-ks7zdahc33 10

General

  • Target

    incognitobeta.exe

  • Size

    45KB

  • MD5

    e9fc233c0a49d897c3d5d86350986f19

  • SHA1

    fa122e95d3b34518aff46efac9e7f56926b64e40

  • SHA256

    b9e61bef0d3bbe426ef78c71f18141967f2622d048fe0f24ccb80cdef75bb27f

  • SHA512

    de06a67f60959efb9bd89066b81e3ad788b1b49ae10ac19269914470fa7605bea95e3f98e348d2df67baf0efe310b6c2333c29e1d0ca2e6071db185aafecebd4

  • SSDEEP

    768:hdhO/poiiUcjlJIn8tUH9Xqk5nWEZ5SbTDaaWI7CPW5Z:fw+jjgn6UH9XqcnW85SbTjWIh

Score
10/10

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

incognito

Attributes
  • delay

    5000

  • install_path

    temp

  • port

    4444

  • startup_name

    USBsupervisor

Signatures

  • Xenorat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • incognitobeta.exe
    .exe windows:4 windows x86 arch:x86

    Password: 1234

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections