General

  • Target

    https://cdn.discordapp.com/attachments/1246876705122029608/1248035054043791360/Xylex-Updated.zip?ex=666232b8&is=6660e138&hm=3269bed6ee4071ff00aed2d88602ea0e41a883168180e2af9afc6ee1756a714a&

  • Sample

    240605-11rkcsad81

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://github.com/i6667/xylex/releases/download/vypix/xylex.exe

Targets

    • Target

      https://cdn.discordapp.com/attachments/1246876705122029608/1248035054043791360/Xylex-Updated.zip?ex=666232b8&is=6660e138&hm=3269bed6ee4071ff00aed2d88602ea0e41a883168180e2af9afc6ee1756a714a&

    Score
    10/10
    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
