xehook | 48e2f49ef81bcbcf043ee031085b0f6038fa04c0992e69a2f11587cf578b78d0 | Triage

Resubmissions

13-09-2024 09:50

240913-lt52vawgrl 10

13-09-2024 09:49

240913-ltjtlsxckd 10

13-09-2024 09:48

240913-ls2b9swgmp 10

Sharing

General

Target

583c1eb6360379032d7cf7e6a60e09cfe74c7ecd36174016f293b060537fa52d.zip
Size

57KB
Sample

240913-lt52vawgrl
MD5

72f6e6aa7d06934994830b2d8688bdd1
SHA1

84cc4b7c4ce4e5d998dcf824d4ff9a6883d60690
SHA256

48e2f49ef81bcbcf043ee031085b0f6038fa04c0992e69a2f11587cf578b78d0
SHA512

04521cc3b582586f384ad5c7adfd232dfcf13e11216ec0040d9d4018bd9c0d91d65d82aac39a240a1e387cd6090976106a26cb96b740afca70f1275e19505160
SSDEEP

1536:jlRxdbRvTWs+HMBPF/jxb+J5xnwuw60HWwo0rcD5L31In5qd:jlRxdF4HMBPF/tK5Rq2FZr1yEd

Score

10^/10

xehook stealer

Malware Config

Extracted

Family

xehook

Version

2.1.5 Stable

C2

https://t.me/+w897k5UK_jIyNDgy

Attributes

id
208
token
xehook208262680500151

Targets

- Target
  
  583c1eb6360379032d7cf7e6a60e09cfe74c7ecd36174016f293b060537fa52d
- Size
  
  151KB
- MD5
  
  f635582929e0b0f2f18e1ee1fb7a84e9
- SHA1
  
  1d4946ea77a2bcf432f490d0a38429102a51069b
- SHA256
  
  583c1eb6360379032d7cf7e6a60e09cfe74c7ecd36174016f293b060537fa52d
- SHA512
  
  0a4ac0362ebf4ce81fb187d93898e3ffdf74e6a0da96913818ebbb59a236a3897ec680cdc4599a9cf8cee8f8b7d527c4fc0abf89016bab48449995d10065d1e7
- SSDEEP
  
  3072:mQHKadVFHUg2HiFI9ifi5iLLbyq8QL+wI7BJlwEKctby:BqSF/2HQlLLbyq8QL+wI7BJiEK
Score

10^/10

xehook stealer
- Xehook stealer
  Xehook is an infostealer written in C#.
  stealer xehook
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4