Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

8

Resubmissions

13/09/2024, 15:50

240913-s924fswfpg 8

13/09/2024, 15:49

240913-s9lrgawbqk 4

13/09/2024, 15:46

240913-s7mwrawepc 8

Sharing

Copy URL Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1279305146073092166/1284173952327090196/Xeno-v1.045-x64.7z?ex=66e5abb1&is=66e45a31&hm=d0fa73597457e0dcc1970497b09284a164c30bf6705a2df78e3a6c48f00e95cc&

  • Sample

    240913-s7mwrawepc

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      https://cdn.discordapp.com/attachments/1279305146073092166/1284173952327090196/Xeno-v1.045-x64.7z?ex=66e5abb1&is=66e45a31&hm=d0fa73597457e0dcc1970497b09284a164c30bf6705a2df78e3a6c48f00e95cc&

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Downloads MZ/PE file

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation

    • Executes dropped EXE

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks