xehook | bf45f4bb83f70f8bc641f39b56be47f5bf7b3b9f2609dedcb7ad1004aa5d84b1 | Triage

Sharing

General

Target

d1f0f17e91e91cc4e1647c2aa8a7f39af2793125.rl.zip
Size

57KB
Sample

240914-tfz8fasbrj
MD5

011c74a79dcb47c70b115a1033e46be2
SHA1

90d5b7fe533d7cc30463a06ad975c3d5301a0663
SHA256

bf45f4bb83f70f8bc641f39b56be47f5bf7b3b9f2609dedcb7ad1004aa5d84b1
SHA512

7beae7a2df9adcbd8c8cd79efa7e63ac8eb3e030f8efd2bca28cadd424d226bc0afd69a04eacf4432be07b695058ccc10fe3c863bf3713399625804f82be536d
SSDEEP

1536:T+15Ge/MLWsMvJaNNaWQd/uCIADnavIAQdd/k20Nfn4RA:C1B/MyWNPy/PjWvah0N/j

Score

10^/10

xehook discovery

Malware Config

Extracted

Family

xehook

Version

2.1.5 Stable

C2

https://t.me/+w897k5UK_jIyNDgy

Attributes

id
301
token
xehook301447049203312

Targets

- Target
  
  d1f0f17e91e91cc4e1647c2aa8a7f39af2793125.rl
- Size
  
  168KB
- MD5
  
  8df48db76679f51e832e0b48a89c509d
- SHA1
  
  d1f0f17e91e91cc4e1647c2aa8a7f39af2793125
- SHA256
  
  771fb65b9e55db17bca18ea3594e8e8b4d5ef060919844c0641a02d9c3326b1e
- SHA512
  
  0e387586091b5455feb19fdfd45cea73f425cf1b8cc8fdc11e68d78826e30f3d148731713c796c0106aee1e756c514fa8ecade656261edc517333245170596c8
- SSDEEP
  
  3072:ELUbqjhjDUyx4HCIRoL57WpTlbYsb+L5QgDgZFHdrLTc5wEKctIZ:h4jJ4ORWpTlbYsb+L5QgDgZFHdrLTcml
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2