General
-
Target
c8aba6ff578066859f0d1e9108857cda5ddf8345761d2df01f361cf1dd1b2c40.exe
-
Size
51KB
-
MD5
a6f078369a4601c8410bafbbab7c1699
-
SHA1
2f7f05fa31afc889ebb07ac81ead20633eb9bf42
-
SHA256
c8aba6ff578066859f0d1e9108857cda5ddf8345761d2df01f361cf1dd1b2c40
-
SHA512
acf515ba9c1af71953177f6d411fb217ecc416ef75d5f533caa02665aa0ed41b255f7a33d15646ec7e67395e8594e033302c2cc7c06b137370464e815a1c8bcf
-
SSDEEP
768:ECivdjHrddilbVauou79Eo8Wq8vBvyHuBSkGu2yPo+LGZYebFDa026RNSgNOd/:EbpHmVauo3mXvNDj6CSYebFxTf4F
Score
10/10
Malware Config
Extracted
Family
xenorat
C2
37.120.141.155
Mutex
123444
Attributes
-
delay
5000
-
install_path
appdata
-
port
22914
-
startup_name
WinSCVUpdate
Signatures
-
Xenorat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c8aba6ff578066859f0d1e9108857cda5ddf8345761d2df01f361cf1dd1b2c40.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections