General
Target: slinkylauncher.exe
Size: 42.6MB
Sample: 240813-r4rvvsthmk
MD5: fdafb181e55bfad71bfcfe3e31e9238a
SHA1: 14aa311d397320c45e569b88c576642373709287
SHA256: ec6fcac47b52001e6b9af66588ebb95c6de3f2e6a4b942e0d04f2c114633fddb
SHA512: c7d27e005b3ae266189439d9cae900ac3f2392a54cb00194a198f77e03d2e86ff7285242cf12cbea5aa38e207ba602d1ef5adbb289b97e1db64889f467650c44
SSDEEP: 393216:Z1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfO:ZMguj8Q4VfvtqFTrYAd1j+2qDylx4l
Static task: static1
Behavioral task: behavioral1
Sample: slinkylauncher.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: slinkylauncher.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
xenorat
88.15.130.212
NitroGenerator
delay: 5000
install_path: appdata
port: 4444
startup_name: NitroGenerator
Targets
Target: slinkylauncher.exe
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL