xenorat | 45a32f28824ff8496264f7ab9295ad48b4689d0343fbdf333a6ac329ad82f344 | Triage

Sharing

General

Target

2756-14-0x0000000000400000-0x0000000000412000-memory.dmp
Size

72KB
Sample

240923-k3bnxsxamg
MD5

e0b2f5f292c0a5aed3ab9739912c51da
SHA1

dd45b6824acf5533d58837fcb64867de3f8e0712
SHA256

45a32f28824ff8496264f7ab9295ad48b4689d0343fbdf333a6ac329ad82f344
SHA512

aee6f2f96b3e2eefa6cb08c09656449e05a702afd06fd042ea53a78a51f64e47a6224100b83472ef86367a3124c08c415f4f678bf2b88438f26dbb06101942ca
SSDEEP

768:mzdhO/poiiUcjlJInPFH9Xqk5nWEZ5SbTDayWI7CPW5n:mBw+jjgndH9XqcnW85SbTzWIP

Score

10^/10

xenorat discovery

Malware Config

Extracted

Family

xenorat

C2

84.38.132.74

Mutex

Msword_Zac_nd8912d

Attributes

delay
5
install_path
temp
port
4444
startup_name
nothingset

Targets

- Target
  
  2756-14-0x0000000000400000-0x0000000000412000-memory.dmp
- Size
  
  72KB
- MD5
  
  e0b2f5f292c0a5aed3ab9739912c51da
- SHA1
  
  dd45b6824acf5533d58837fcb64867de3f8e0712
- SHA256
  
  45a32f28824ff8496264f7ab9295ad48b4689d0343fbdf333a6ac329ad82f344
- SHA512
  
  aee6f2f96b3e2eefa6cb08c09656449e05a702afd06fd042ea53a78a51f64e47a6224100b83472ef86367a3124c08c415f4f678bf2b88438f26dbb06101942ca
- SSDEEP
  
  768:mzdhO/poiiUcjlJInPFH9Xqk5nWEZ5SbTDayWI7CPW5n:mBw+jjgndH9XqcnW85SbTzWIP
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2