xenorat | 1b62f1f0a01c971eddf198bdda0110ae0d26dea7211cd3ab9b166728fff7710d | Triage

Sharing

General

Target

2708-9-0x0000000000400000-0x0000000000412000-memory.dmp
Size

72KB
Sample

240930-f14vgazbmm
MD5

94630fd93d1be453bc8d786357fe28d3
SHA1

eea60ab0203a8a77ed131b6bc2b784dbc74d65b5
SHA256

1b62f1f0a01c971eddf198bdda0110ae0d26dea7211cd3ab9b166728fff7710d
SHA512

98ad0d705d6c8fbd3d3dfc5289ebcf6fc4b1e35d3dc5b62591aae23354c17dbc5363f2301f2d0fadf28e64d48d0d67d359e002c0f06f397235fe62cc6e05c32e
SSDEEP

768:udhO/poiiUcjlJInEFH9Xqk5nWEZ5SbTDagWI7CPW5:4w+jjgnMH9XqcnW85SbTpWI

Score

10^/10

xenorat discovery

Malware Config

Extracted

Family

xenorat

C2

66.63.168.142

Mutex

Microsoft_nd8912d

Attributes

delay
5
install_path
temp
port
4782
startup_name
nothingset

Targets

- Target
  
  2708-9-0x0000000000400000-0x0000000000412000-memory.dmp
- Size
  
  72KB
- MD5
  
  94630fd93d1be453bc8d786357fe28d3
- SHA1
  
  eea60ab0203a8a77ed131b6bc2b784dbc74d65b5
- SHA256
  
  1b62f1f0a01c971eddf198bdda0110ae0d26dea7211cd3ab9b166728fff7710d
- SHA512
  
  98ad0d705d6c8fbd3d3dfc5289ebcf6fc4b1e35d3dc5b62591aae23354c17dbc5363f2301f2d0fadf28e64d48d0d67d359e002c0f06f397235fe62cc6e05c32e
- SSDEEP
  
  768:udhO/poiiUcjlJInEFH9Xqk5nWEZ5SbTDagWI7CPW5:4w+jjgnMH9XqcnW85SbTpWI
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2