General
Target: 5oP2ak
Size: 508B
Sample: 240713-cyqchsthke
MD5: db55c0a45c78e31108711e01515a26d0
SHA1: 667d59c73d995076e9e3566ad0acab62b81ebde8
SHA256: 10a806b3b91bce876937c1f705b91153f5fdc91c88fe442dfd0ae6f06e26a9cb
SHA512: 35e4645768d3534a5f9cd845b5d78718dc19e62aa2edaf53041d6d3408b22e6e8d0071dc27e3eab3b64a8df79a12dee72a7aeef81a24ac83d292bafabf78bbb4

Static task: static1

Malware Config
Extracted
Family: xenorat
C2: 127.0.0.1
Mutex: Xeno_rat_nd8912d
Attributes
  delay: 5000
  install_path: appdata
  port: 4444
  startup_name: nothingset

Targets
Target: 5oP2ak
Size: 508B
MD5: db55c0a45c78e31108711e01515a26d0
SHA1: 667d59c73d995076e9e3566ad0acab62b81ebde8
SHA256: 10a806b3b91bce876937c1f705b91153f5fdc91c88fe442dfd0ae6f06e26a9cb
SHA512: 35e4645768d3534a5f9cd845b5d78718dc19e62aa2edaf53041d6d3408b22e6e8d0071dc27e3eab3b64a8df79a12dee72a7aeef81a24ac83d292bafabf78bbb4
Downloads MZ/PE file
Executes dropped EXE