General
-
Target
9037601de282b706cf457116b42b3d36e3ccd7842b13b08efced4337230ced80.exe
-
Size
45KB
-
MD5
32cb2f4e99ecc0113554aad30643b92f
-
SHA1
9e10547be5ee02d6a8e2be72f92a8747c708c897
-
SHA256
9037601de282b706cf457116b42b3d36e3ccd7842b13b08efced4337230ced80
-
SHA512
390e7d66580ffd4e3e807ddc0e95664e945664880034d494713c7d2fa6bdacdc08baace40e36361261ea3a24323e89a15fc529a3696b5c5b9bc9e989530eca35
-
SSDEEP
768:6SisJmceOo5De+APsZjGsdHbtm+KW7qTN+8Nw:MsJmfOiD+kZ/HbteW2EUw
Score
10/10
Malware Config
Extracted
Family
xenorat
C2
87.120.116.115
Mutex
Xeno_rat_nd8912d
Attributes
-
delay
50000
-
install_path
appdata
-
port
1390
-
startup_name
nothingset
Signatures
-
Detect XenoRat Payload 1 IoCs
-
Xenorat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9037601de282b706cf457116b42b3d36e3ccd7842b13b08efced4337230ced80.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections