Overview

overview

8

Static

static

3

Xeno-v1.0.5-x64.zip

windows11-21h2-x64

8

Xeno-v1.0....re.dll

windows11-21h2-x64

1

Xeno-v1.0....ms.dll

windows11-21h2-x64

1

Xeno-v1.0....pf.dll

windows11-21h2-x64

1

Xeno-v1.0....no.dll

windows11-21h2-x64

1

Xeno-v1.0....no.exe

windows11-21h2-x64

1

Xeno-v1.0....s.json

windows11-21h2-x64

3

Xeno-v1.0....UI.exe

windows11-21h2-x64

1

Xeno-v1.0....g.json

windows11-21h2-x64

3

Xeno-v1.0....x.html

windows11-21h2-x64

6

Xeno-v1.0....ain.js

windows11-21h2-x64

3

Xeno-v1.0....lua.js

windows11-21h2-x64

3

Xeno-v1.0....in.css

windows11-21h2-x64

3

Xeno-v1.0....ain.js

windows11-21h2-x64

3

Xeno-v1.0.....de.js

windows11-21h2-x64

3

Xeno-v1.0.....es.js

windows11-21h2-x64

3

Xeno-v1.0.....fr.js

windows11-21h2-x64

3

Xeno-v1.0.....it.js

windows11-21h2-x64

3

Xeno-v1.0.....ja.js

windows11-21h2-x64

1

Xeno-v1.0....nls.js

windows11-21h2-x64

1

Xeno-v1.0.....ko.js

windows11-21h2-x64

1

Xeno-v1.0.....ru.js

windows11-21h2-x64

3

Xeno-v1.0....-cn.js

windows11-21h2-x64

1

Xeno-v1.0....-tw.js

windows11-21h2-x64

3

Xeno-v1.0....der.js

windows11-21h2-x64

1

Xeno-v1.0....64.dll

windows11-21h2-x64

1

Xeno-v1.0....64.dll

windows11-21h2-x64

1

Xeno-v1.0....er.dll

windows11-21h2-x64

1

Xeno-v1.0....er.dll

windows11-21h2-x64

1

Xeno-v1.0....er.dll

windows11-21h2-x64

1

Xeno-v1.0....sh.dll

windows11-21h2-x64

1

Xeno-v1.0....td.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    435s
  • max time network
    438s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    21/09/2024, 16:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Xeno-v1.0.5-x64/Microsoft.Web.WebView2.Wpf.dll

  • Size

    50KB

  • MD5

    4a292c5c2abf1aab91dee8eecafe0ab6

  • SHA1

    369e788108e5fb0608a803fa2e5a06690b4464b5

  • SHA256

    b628d6133bf57b7482a49aa158e45b078df73ee7d33137ac1336d24ac67ed1b4

  • SHA512

    ca22adfff9789730e4c02343e320d80b8466cfc5a15f662cefe376b7ee29dea571004c1c26cd3f50c0d24e646f2b36b53fa86835678f46f335d65eec52431cde

  • SSDEEP

    1536:gpGhWMhWLF9jwKi8LDP/ryEH0GBy4JjrD1aah/UaOzk6hKKa5/Bi/IGCv0Z0T6Cc:taBi8LDP/b0GBy4JjrD1aah/UaOzk6hz

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Xeno-v1.0.5-x64\Microsoft.Web.WebView2.Wpf.dll,#1
    1⤵
      PID:4380

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dnsgoogle
    • flag-us
      DNS
      self.events.data.microsoft.com
      Remote address:
      8.8.8.8:53
      Request
      self.events.data.microsoft.com
      IN A
      Response
      self.events.data.microsoft.com
      IN CNAME
      self-events-data.trafficmanager.net
      self-events-data.trafficmanager.net
      IN CNAME
      onedscolprdcus19.centralus.cloudapp.azure.com
      onedscolprdcus19.centralus.cloudapp.azure.com
      IN A
      52.182.143.214
    • flag-us
      DNS
      ctldl.windowsupdate.com
      Remote address:
      8.8.8.8:53
      Request
      ctldl.windowsupdate.com
      IN A
      Response
      ctldl.windowsupdate.com
      IN CNAME
      ctldl.windowsupdate.com.delivery.microsoft.com
      ctldl.windowsupdate.com.delivery.microsoft.com
      IN CNAME
      wu-b-net.trafficmanager.net
      wu-b-net.trafficmanager.net
      IN CNAME
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN CNAME
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.43
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.36
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.37
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.42
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.44
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.34
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.35
      default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.45
    • flag-us
      DNS
      43.56.20.217.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.56.20.217.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      42.56.20.217.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      42.56.20.217.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      353 B
       941 B
       5
      5

      DNS Request

      8.8.8.8.in-addr.arpa

      DNS Request

      self.events.data.microsoft.com

      DNS Response

      52.182.143.214

      DNS Request

      ctldl.windowsupdate.com

      DNS Response

      217.20.56.43
      217.20.56.36
      217.20.56.37
      217.20.56.42
      217.20.56.44
      217.20.56.34
      217.20.56.35
      217.20.56.45

      DNS Request

      43.56.20.217.in-addr.arpa

      DNS Request

      42.56.20.217.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.