Resubmissions

  • 01-08-2024 19:20    240801-x2h3tsvclr    10
  • 01-08-2024 19:20    240801-x14cdavckl    10
  • 01-08-2024 19:19    240801-x1tsyayfmd    10

General

  • Target

    xero.rar

  • Size

    6.0MB

  • MD5

    9f2296874fda840717a03bc4f084e01c

  • SHA1

    25d6f7f448ac45bcb6111c052a4a78d52584aa92

  • SHA256

    41218c54d65efa9ea37bfcee51e294871687cddcb014e1b796c31a022c4df164

  • SHA512

    7f78babd620de9ee0ccb0ae7d65f2f26ddd065145439e785d1ee87a478cfa08f5ce848f1b047f1a8bafdd6ee36375c2a634a7082919c6bac3ca8615d82dff2a7

  • SSDEEP

    98304:cXL+2tjqXfZivDRU2yvKsJKKro8nKv15sf62NO1dqnTWLHAOd2IyPF3kZTEy:cRYXfcDKlvtKsdntf7KdqSLHtd2IakZL

Score
10/10

Malware Config

Extracted

  • Family

    xenorat

  • C2

    127.0.0.1

  • Mutex

    Xero_Legit

Attributes

  • delay

    5000

  • install_path

    appdata

  • port

    5525

  • startup_name

    nothingset

Signatures

  • Xenorat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • xero.rar
    .rar
  • xero/_license.dat
  • xero/config/TEST.mcf
  • xero/config/TEST2.mcf
  • xero/imgui.ini
  • xero/version.dat
  • xero/xero.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744