Overview

overview

8

Static

static

3

Xeno 1.18 FIXED.zip

windows7-x64

8

Xeno 1.18 FIXED.zip

windows10-2004-x64

1

net8.0-win...rprint

windows7-x64

6

net8.0-win...rprint

windows10-2004-x64

6

net8.0-win...t.json

windows7-x64

6

net8.0-win...t.json

windows10-2004-x64

6

net8.0-win...s.json

windows7-x64

6

net8.0-win...s.json

windows10-2004-x64

6

net8.0-win...re.pma

windows7-x64

6

net8.0-win...re.pma

windows10-2004-x64

6

net8.0-win...54.pma

windows7-x64

6

net8.0-win...54.pma

windows10-2004-x64

6

net8.0-win...rl-set

windows7-x64

6

net8.0-win...rl-set

windows10-2004-x64

6

net8.0-win...rprint

windows7-x64

6

net8.0-win...rprint

windows10-2004-x64

6

net8.0-win...t.json

windows7-x64

6

net8.0-win...t.json

windows10-2004-x64

6

net8.0-win...gs.dat

windows7-x64

6

net8.0-win...gs.dat

windows10-2004-x64

6

net8.0-win...re.dat

windows7-x64

6

net8.0-win...re.dat

windows10-2004-x64

6

net8.0-win...data_0

windows7-x64

6

net8.0-win...data_0

windows10-2004-x64

6

net8.0-win...data_1

windows7-x64

6

net8.0-win...data_1

windows10-2004-x64

6

net8.0-win...data_2

windows7-x64

6

net8.0-win...data_2

windows10-2004-x64

6

net8.0-win...data_3

windows7-x64

6

net8.0-win...data_3

windows10-2004-x64

6

net8.0-win...001.gz

windows7-x64

6

net8.0-win...001.gz

windows10-2004-x64

6

Resubmissions

12-10-2024 10:59

241012-m3mgja1frq 6

12-10-2024 10:54

241012-mzm9na1fjj 8

12-10-2024 10:51

241012-mx9pwawhjg 7

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12-10-2024 10:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    net8.0-windows/Xeno.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000001.gz

  • Size

    172KB

  • MD5

    4583049bc4d434d2475ff72260f94eec

  • SHA1

    8254900f216c319b38edf2a5a36ae46eb3b0d3a2

  • SHA256

    c47d5a2c99f924b9c8939fc6da9c5a422c0dc36f5fae5a01e547cd488dc8f101

  • SHA512

    3689af5e81e1c690817fa2ffc4d09c3ad6efb6a56e838ca26855a6e6d04aa639cfd4d82db0c8ce04edad2b5ce0827b9ff6b857d8e08dbe04ffdb1998e6b7677d

  • SSDEEP

    3072:XUy60ohiNA3LG+0zAprJ7sx1COzVLW9cYikgVuc6cYqYqvqhwxWOxWzWxvR4N528:XUykh20GrUTYx1/Jwcbk8upqY7+WWWzT

Score
6/10
discovery

Malware Config

Signatures

  • Network Share Discovery 1 TTPs

    Attempt to gather information on host network.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\net8.0-windows\Xeno.exe.WebView2\EBWebView\Default\Cache\Cache_Data\f_000001.gz"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2300

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads