General

  • Target

    Release (2).zip

  • Size

    6.4MB

  • Sample

    240801-t8as9azbpk

  • MD5

    89661a9ff6de529497fec56a112bf75e

  • SHA1

    2dd31a19489f4d7c562b647f69117e31b894b5c3

  • SHA256

    e7b275d70655db9cb43fa606bbe2e4f22478ca4962bbf9f299d66eda567d63cd

  • SHA512

    33c765bf85fbec0e58924ece948b80a7d73b7577557eaac8865e481c61ad6b71f8b5b846026103239b3bd21f438ff0d7c1430a51a4a149f16a215faad6dab68f

  • SSDEEP

    196608:SYNI1S7C6S230UwVLW83FUSA7WQZzwM3/C2cM7m2:rNIs7CDvB1USA7WS/vcx2

Score
10/10

Malware Config

Extracted

Family

xenorat

C2

localhost

Mutex

testing 123123

Attributes
  • delay

    1000

  • install_path

    nothingset

  • port

    1234

  • startup_name

    nothingset

Targets

    • Target

      plugins/Chat.dll

    • Size

      11KB

    • MD5

      0e5695b84313f7ed7b86dbba80b0342a

    • SHA1

      1db6a341dc01460c0c42690e42e2af2c57e53a4a

    • SHA256

      fe7677898bda46cd4b88d779b83545c2741f047ba45a3b45cbf3e6912b5d0a14

    • SHA512

      b8b67521ae69968bb5e0567a646b1b99fa8ec0db74fd7fc1e2482d036e775f7103163bcd2a6d6194d9e3e24efdd25bdcba35e1f76dadd79b01d762da8df28b58

    • SSDEEP

      192:Xt5SEw0NmpdxSE2sECoxmTNny9+EUrcya8Vk3h:9EP0NmR+CoxmTNng+EPy1Vk3h

    Score
    1/10
    • Target

      plugins/File manager.dll

    • Size

      16KB

    • MD5

      0746f23b790fd439980d155a75e6275b

    • SHA1

      c851f8b269cb82ed1a1dab1dc106edd5e95b6d04

    • SHA256

      fa08d4b54719f477eee7a7ce9d75dd84bc123e7f8b8546a1e2a394743fa319df

    • SHA512

      2569ad1c09cfb478cfba3ca44276cea443de91a1e66181968388052f0d06cd8be497c5959c0863709d89ab380bcdb3edccfed4fa7207f16ec340474f45bb6bc9

    • SSDEEP

      384:AAlqtn09rDgrPhQJBLjQ2z0A7VBvBGQEwZmya1HGrJxEKNX:f52qHMe0A7Vlo331mrJbNX

    Score
    1/10
    • Target

      plugins/Fun.dll

    • Size

      10KB

    • MD5

      b7c76350514a33374f4597d219d9fec1

    • SHA1

      f29cad3c62c7c827b1c46a412b842c71ad8f7fe3

    • SHA256

      cbf43a078e26e01184b89bb54f0469291946061426fbcf0ecaf6c205bd898812

    • SHA512

      a9c7fd686d73987de75103e772471c084a2913a5087fe827763ac01ec5960abac77d00409ba8cabbea0260c27561975a1519392a845f4dcb842c3e02d1ccf202

    • SSDEEP

      192:mySQnh/1lrzXHfvzHfR8B+E9E1gdZ9ONBh6:mpQnh/rnXHfvLfSt9E1+O3h6

    Score
    1/10
    • Target

      plugins/Hvnc.dll

    • Size

      44KB

    • MD5

      5353c15bee04dcac54f80dd7d5660b21

    • SHA1

      2663966150926b2528e4f04913b97bfd7ef988b7

    • SHA256

      b029348ff669a2ec5f042376f0b31049688437c7b6ce1d7c36fb7f03d4224932

    • SHA512

      3a1ec391fd8e7008d6398078007d0eab071c2b563cd05bd0e3228e3b73e775ec2504b39c81989a3d928c5a6afc1797ae76dd3079ba1515f60813f9b34e7ac9f9

    • SSDEEP

      768:x6WH72TsRqvj62N0MPVxKVgr3TcJoQ8je8WHJiCVg5t3l8hpo31e5TtOR6iKPeyH:0WH7b2N0kVQVgrjcaQ8je8iJ3ot1cmaZ

    Score
    1/10
    • Target

      plugins/InfoGrab.dll

    • Size

      971KB

    • MD5

      86bf07899c4e9764b0752713fe6f12c9

    • SHA1

      813924938e367a361c1145ce135e078967d7903e

    • SHA256

      11a09734dc3a412ef8130a65a0c06b1ccfc24673d818959cfe50f6b462e33d67

    • SHA512

      bb0ca1445b0215ca3bb85defea6fc902618218be04ce006565753c13e3fb3cf786d8dc0fcbe4f77443be28feefe8331e710d895ae8e0b20455b15e7a8bb94578

    • SSDEEP

      24576:GOGlTjiaeAeOTKAzbARntW+hZxCNqbo6RVX8sa6AtWZl2cFkN:GOGNjiSZTKAzkltDhTCcVX8saTtWycO

    Score
    1/10
    • Target

      plugins/KeyLogger.dll

    • Size

      12KB

    • MD5

      1e8ff2a86962488515380c6a27a775c3

    • SHA1

      39e1f2f4f9e113e7657abc4adafc8fbd0a5ad016

    • SHA256

      cb199fb2fee33300cea0f9b30ad0d3287206c4b1fe380eaa4fa7040b184510a5

    • SHA512

      b50ba227037580e1d68eb4ca9a4a751739152716b9e11e2b2b8e6ca0254f043a76e58d3a7e4b790c3cfb46fa1b6676bd74285b6801f1f0c0d00565c4f78f7168

    • SSDEEP

      192:Wv+i+cBHIDQkHTvckioy8p4Wbj5Lg3iZEYiRL9eT0pqfAp0FSkiXHB3K:Wv+ifODQkHTvBi8Rbj5zEYiR9eT0pqf7

    Score
    1/10
    • Target

      plugins/KeyLoggerOffline.dll

    • Size

      22KB

    • MD5

      4cf2a22b5fefa18e2ab36a1d73f79833

    • SHA1

      eb38e955e34998235040da965979e09d5d88df6d

    • SHA256

      3414c471c425ab070896e77df290debd5708748d02cd48952c69133795b4abe1

    • SHA512

      0ad3666f9f6b942be9c48cf9d24660faa0b5aa3184e08d9c1b9414220b60cbbfab19c8a082f72c79949edc3ca1b446e53d0f1452e569f531b90ca768f0550161

    • SSDEEP

      384:tgqiSBJEMs8uohRFeD4nws5lGHEKVUQlDUqajk7oHVEzipi9eT0pqfAp0FSFzJDJ:acYJn6lGkiHlDF/oHBoz9JDVz

    Score
    1/10
    • Target

      plugins/LiveMicrophone.dll

    • Size

      494KB

    • MD5

      afb916213f3419be21a061b782793c6e

    • SHA1

      6625e390d96820483db6fc9efba739456a0f2fe1

    • SHA256

      77a9318b937fbc733f5a53c12ce1cbc57aa49504840da6e33f34a1750879a8f5

    • SHA512

      253ca98f2a6b351f2a28f38a18a34ecb7583dee5895fac871cdc0f08dce51a04fec9e684d0a459b147ae6588c67c7c841b6bb32f510c529ddcc3460e45ab9d98

    • SSDEEP

      6144:S7E2hItIqKU1zPf7sQwd4h4dY2S/rfWTEFB44PjrKkpArI9ZQf9yZ86DyXLmqwH5:SjHUlxd2STf44PjrKWYmVn6D0

    Score
    1/10
    • Target

      plugins/ProcessManager.dll

    • Size

      17KB

    • MD5

      4dac21b4f2984931b9710ca50329023a

    • SHA1

      e92c1284f58e2cf339340ff5496f94f9183f127c

    • SHA256

      8bca46a92123f0435b98174d0d1182016811905c7cae6199176d1d3e94605e67

    • SHA512

      36b9c7c23ebf21fc6523ca309d49966c06eba488cb7ba807f496c9effaff7e31ed8e166cab8392352b7efea3dac748af69c5de0b5cf9275fbc0616c0a75af1a9

    • SSDEEP

      384:GOQdVyeIdKbl512kg3EHEeGdhCaXJbuLUSJZAnVb:GXIeIdKbsEZaZyw

    Score
    1/10
    • Target

      plugins/Registry Manager.dll

    • Size

      12KB

    • MD5

      70bfb60e65f7fbf9fbcee5c8aaa3fce7

    • SHA1

      da65c59851dfe52e22ceaf3498a516edb80510ef

    • SHA256

      684e07c2cca9deddb34b52e791aaa43a223d31b31a06489ab22cf79090504000

    • SHA512

      bd2280d7fe342597f2177c37d836c7d40102cf9892cd54ecc07405f88488c1335d7ba0dc489860106825de98a133bf040420b79bef5b97a848fd11f81ba2c143

    • SSDEEP

      192:fQ/AstzyaRFzlMXR5DfXXb5BCOrv6qOBPEUbqfINBt:IVZFzlMXRFXCGEBPEUxp

    Score
    1/10
    • Target

      plugins/ReverseProxy.dll

    • Size

      14KB

    • MD5

      039d1f0dc21cd752cac608434b205e3c

    • SHA1

      baacefeda4cbfd8e6adda01f25f2f52059805d76

    • SHA256

      c1b7f81f0d40e4ed6f31235f502792e1ae2c2866254bd492b302498377f0aac8

    • SHA512

      4c2211a4d7b4110b3ba6f71105781140436ac57d1b191ef9a22d8adb37ba0fa1c2513fa28a336b29a62b7aaa7cad2295115da8e76fbf6da230cd25e9b1cb8383

    • SSDEEP

      384:3ar3GmyvRMMCYLopROCM0jo/s1Vaxy5xa1EVALLPO6:3ar3GFJJ0pROCM0tVKOa+6PO6

    Score
    1/10
    • Target

      plugins/ScreenControl.dll

    • Size

      14KB

    • MD5

      e402280a434814fd9eecb5077b8aac62

    • SHA1

      d120c97cef608e9f234b4d08a62d1cf7d45e5b50

    • SHA256

      d692123e16293f2d41a16e1811ae090324a3f611b694820888008ec6102fae54

    • SHA512

      8f0725702b21afd56a2631ced5d999ac04c5935f3bc6c637a97af4d3d648cc9a51231a87706e64708ef9ae33e51a3edcd1ae3bcafe6d0009a8cccaa2f3a13cc4

    • SSDEEP

      192:ZdOAWZMcRZ+U5FMvZwzUgJKaJqj2MSglwloMWxqR0Zr2v/BmqRPEZDxI6:ZdsKW+sqacj2MSgLxTZr2v/U4ELv

    Score
    1/10
    • Target

      plugins/Shell.dll

    • Size

      9KB

    • MD5

      5e3e4438045c426410122210759cc0c8

    • SHA1

      c7858413c6b724135afeb1f878f986b0ae1bfa46

    • SHA256

      81bb6bed470afa97db39d7048dd8d9b7c7786fe8297f51390b5c83b450cdb5e0

    • SHA512

      d0a656048deaab2916bd98f5205bda41686891eff65ee7608117157e4f04ee22dfcd8b9bdccbce1bdd065a1573229c3996122b907a303b8494ad7b730fe5d929

    • SSDEEP

      96:25ATBzB7uwBHfse4hDjl2KQ1dndjVvIibvibKh0c9v5g+m2rwBGbEbrxtZfvPn2k:25kFDMlor1ZT5guvbEJtZ/2WYC

    Score
    1/10
    • Target

      plugins/Startup.dll

    • Size

      6KB

    • MD5

      d66568e2fd174b6cc4f5aa10d9ab9ec6

    • SHA1

      8ae0f67d073d642c4ccb879d48f71dd39f167ed6

    • SHA256

      b82d8d11aece746a4202730eaa361501e4e505d6456f110b6bbd0a42f2b8ec0b

    • SHA512

      48b01dfeeb01b2eb103cb93834769a89de79f5b4d9bc8b3b255bfdf4b35f7e02abf0ecab0949d008d3c5b9d004101014befc6d509cd747850c072cefc369ef04

    • SSDEEP

      96:02Y9OJCE5Bdx2dix/BKsa7kh+qxH5Bxhj+0p66ljIzKtMy1MOgM03M:rXfOO7V+0pDlj2S

    Score
    1/10
    • Target

      plugins/SystemPower.dll

    • Size

      6KB

    • MD5

      b1aca76ee8c1d3fec6edd3a31f9728d8

    • SHA1

      859338c0a542697338cb72e7b2f07faf9b9fce2c

    • SHA256

      b01ab0fa54986d58b4665492639dbf16ae22e8ab868678ecb0411f06791d8c2f

    • SHA512

      83bba2d5f6826fb614f16f25411ca83a2207a18e4992e9f785efec3383a5461d861cfa1e080e1e3f3a1c69c93b3b237ca9c0c2641c276ab074aaf98ce340cc04

    • SSDEEP

      48:6D8vMrTBK/pal72gw2wS43qLirMZAxW52Qivmd4M2UP+o1nEGh+4PJ6xnckqtts9:Jah2ZSlNWxW5BxZP+UEL4lksUil8

    Score
    1/10
    • Target

      plugins/Uacbypass.dll

    • Size

      18KB

    • MD5

      d1d9aef0ed8093ff1ed157bb4af3652c

    • SHA1

      f42c6258e2ade01d14fe4fce4d51cd0b05569417

    • SHA256

      7c67304b2c4911b9a394604d92e7dfd48286f6aee89c81ddd96c922ad67a0a65

    • SHA512

      eab2b498c602105a158d7e167ea0929efadd488328f0cdaf43f65a87430f333c5aae74473f4b4652a21107b3056aea7f3d472098a0fa2cae32d6f687a7ecde10

    • SSDEEP

      384:AeI8KomqLwYgwQ+wpGT1FpAZ4tpnt3sGXbbveqiMZ2eiEB487XK:PfE4jtc2bbvZQAB4oa

    Score
    1/10
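
Reading the extracted config: C2 is localhost on port 1234, and install_path and startup_name are both "nothingset", so no persistence is configured and the client can never reach a real server. Those values look like an unmodified build, which makes the archive and plugin hashes plus the mutex "testing 123123" the usable indicators, not the C2. The 1/10 on each plugin is the DLL scored on its own; the names (KeyLogger, Hvnc, Uacbypass, ReverseProxy, InfoGrab) say what each adds to the RAT, so do not read those scores as benign. The script below, added here as an example and not the sandbox's own exporter, parses a report in this page's plain-text layout (key on one line, value on the next non-blank line, bullets and indentation decorative, which is an assumption about the layout), validates the digests, and emits only routable C2 entries. REPORT is an excerpt copied from this page with blank lines and some fields dropped for brevity.

```python
# Added example (not the sandbox's tooling): parse a report in this page's
# plain-text layout into validated IOCs. REPORT is an excerpt of the page with
# the blank lines between keys and values removed (the tokenizer ignores them).
import ipaddress
import re
from dataclasses import dataclass, field

REPORT = """\
General
  • Target
    Release (2).zip
  • MD5
    89661a9ff6de529497fec56a112bf75e
  • SHA1
    2dd31a19489f4d7c562b647f69117e31b894b5c3
  • SHA256
    e7b275d70655db9cb43fa606bbe2e4f22478ca4962bbf9f299d66eda567d63cd
Score
10/10
Malware Config
Extracted
Family
xenorat
C2
localhost
Mutex
testing 123123
Attributes
  • install_path
    nothingset
  • port
    1234
Targets
    • Target
      plugins/Uacbypass.dll
    • SHA256
      7c67304b2c4911b9a394604d92e7dfd48286f6aee89c81ddd96c922ad67a0a65
    Score
    1/10
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HEX = re.compile(r"^[0-9a-f]+$")
# Section headers carry no value; two of them switch the parser into config mode.
SECTIONS = {"General": None, "Malware Config": None, "Extracted": "config",
            "Attributes": "config", "Targets": None}

@dataclass
class Artifact:
    name: str
    score: str = ""
    hashes: dict = field(default_factory=dict)

def parse_report(text):
    """Keys are followed by their value on the next non-blank line (assumed layout)."""
    toks = [ln.strip().lstrip("• ") for ln in text.splitlines() if ln.strip()]
    config, artifacts, cur, mode, i = {}, [], None, None, 0
    while i < len(toks):
        key = toks[i]
        if key in SECTIONS:
            mode, i = SECTIONS[key], i + 1
            continue
        val = toks[i + 1] if i + 1 < len(toks) else ""
        if key == "Target":
            cur, mode = Artifact(name=val), None
            artifacts.append(cur)
        elif mode == "config":            # Family/C2/Mutex and the attributes
            config[key.lower()] = val
        elif cur is not None:
            if key in HASH_LEN:
                cur.hashes[key] = val.lower()
            elif key == "Score":
                cur.score = val
        i += 2
    return config, artifacts

def validate_hashes(artifacts):
    """Reject truncated or non-hex digests and artifacts with no SHA256 (the blocklist key)."""
    bad = []
    for a in artifacts:
        for algo, h in a.hashes.items():
            if len(h) != HASH_LEN[algo] or not HEX.match(h):
                bad.append(f"{a.name}: malformed {algo} {h!r}")
        if "SHA256" not in a.hashes:
            bad.append(f"{a.name}: no SHA256")
    return bad

def c2_is_loopback(host):
    """'localhost' or a loopback IP means the client only ever talks to itself."""
    host = host.strip().lower()
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def build_iocs(config, artifacts):
    """Hashes and the mutex are always actionable; the C2 only if it is routable."""
    iocs = {"sha256": sorted(a.hashes["SHA256"] for a in artifacts if "SHA256" in a.hashes),
            "mutex": [config["mutex"]] if config.get("mutex") else [], "c2": []}
    if config.get("c2") and not c2_is_loopback(config["c2"]):
        iocs["c2"].append(f"{config['c2']}:{config.get('port', '')}")
    return iocs

def analyze(text=REPORT):
    config, artifacts = parse_report(text)
    return {"config": config, "artifacts": artifacts,
            "problems": validate_hashes(artifacts),
            "iocs": build_iocs(config, artifacts)}

if __name__ == "__main__":
    print(analyze())
```

Run it on this page's full text and the C2 list stays empty, while the mutex and the sixteen plugin SHA256s come out ready for a hunt; a build with a routable C2 would add host:port to the list.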
