General

  • Target

    2884-10-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • MD5

    3418c05b499038f318de2f555bb55ac6

  • SHA1

    6e3257ffdb9b5c72c17c33bd17bb67f4604da304

  • SHA256

    73179928e3d9b99ddadb232e18e564958a4747619ab8f98152092a42601c599f

  • SHA512

    5340bc35487a52506c41926a4868f82253cf51ba9e828d2797d45dc1690af70be6aa92214b29738b5fad2526f81addeda357a10ce5f425fdb384509efa1f36ce

  • SSDEEP

    768:OSisJmceOowDlY8spLfFpyT7QHbtm+NEyqnN+8Nb:osJmfODDe7prj4QHbt5EH4Ub

Score

10/10

Malware Config

Extracted

Family

xenorat

C2

dns.dobiamfollollc.online

Mutex

Jolid_rat_nd8889g

Attributes

  • delay

    61000

  • install_path

    appdata

  • port

    1284

  • startup_name

    hns

Signatures

  • Xenorat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2884-10-0x0000000000400000-0x0000000000412000-memory.dmp
    .exe windows:4 windows x86 arch:x86
