General

  • Target

    5a74ace81656d018cc01e7db0cf24abe072524df6c297fa2081019e89680e5e1_dump.exe

  • Size

    46KB

  • MD5

    2e6acdcea8f62c62efccd790b8cce3f7

  • SHA1

    44fa27c411545d32955ad7e342ff0462ad49a776

  • SHA256

    79b315305079f3cdf15ff04463ade270a4056b90d8b95937f19455f47603b1ed

  • SHA512

    639b5d5b587090e494f71f05671b20883a3456029ae15ff463ba46855691f070ada664cde95905047d1491aa04432c28b721839da2534d48003f06045725b78e

  • SSDEEP

    768:+SisJmceOoRDlY8spLfFpyT7QHbtm+mEyqnN+8N9:YsJmfO2De7prj4QHbtiEH4U9

Score

10/10

Malware Config

Extracted

Family

xenorat

C2

dns.dobiamfollollc.online

Mutex

Solid_rat_nd8889g

Attributes
  • delay

    61000

  • install_path

    appdata

  • port

    1283

  • startup_name

    bns

Signatures

  • Xenorat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5a74ace81656d018cc01e7db0cf24abe072524df6c297fa2081019e89680e5e1_dump.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744