General

  • Target

    ac5d5e9cb4cc58bcbafd35476a881b5546f1c5af723882011d892dcd7cdd7ad6

  • Size

    45KB

  • MD5

    2bd4cb1ca8fde5d18bcdb5fc6e3655fd

  • SHA1

    950b20e1de510e66ca8e6ac05455c5148d97894c

  • SHA256

    ac5d5e9cb4cc58bcbafd35476a881b5546f1c5af723882011d892dcd7cdd7ad6

  • SHA512

    f56844c4c0dad0d78e650e73035818c48f2b38920d8740ddb09438527f78a4a3570ff01105ea0d3a2f1fde8d136dcbc60758ffd243934e4f99804be9a69b3c86

  • SSDEEP

    768:mwdhO/poiiUcjlJInt0H9Xqk5nWEZ5SbTDaXuI7CPW5y:miw+jjgn2H9XqcnW85SbTauI6

Score
10/10

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

Microsoft Edge

Attributes
  • delay

    5000

  • install_path

    appdata

  • port

    4444

  • startup_name

    MsEdge

Signatures

  • Detect XenoRat Payload 1 IoCs
  • Xenorat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
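The "Unsigned PE" signature is a header check: a PE that has been Authenticode-signed carries a certificate table referenced from the security data directory of its optional header, and an unsigned one has that entry zeroed. The following is an added example, not code from the report or from the sandbox vendor, that reproduces the check in pure Python. It builds its own header-only test images (the real sample is not embedded) and the `build_minimal_pe` helper, the dummy certificate blob and all constant names are assumptions made for the example.

```python
"""Added example: does a PE carry an Authenticode certificate table?"""
import struct
import sys

SECURITY_DIR_INDEX = 4      # IMAGE_DIRECTORY_ENTRY_SECURITY
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B


def authenticode_directory(data: bytes):
    """Return (file_offset, size) of the certificate table, or (0, 0) if absent.

    Unlike every other data directory, the security entry holds a raw file
    offset, not an RVA, so no section mapping is required.
    Raises ValueError if the buffer does not look like a PE image.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        dirs = opt + 96       # data directories start after the 96-byte PE32 header
    elif magic == PE32PLUS_MAGIC:
        dirs = opt + 112      # 112 bytes for PE32+
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    num_dirs = struct.unpack_from("<I", data, dirs - 4)[0]   # NumberOfRvaAndSizes
    entry = dirs + SECURITY_DIR_INDEX * 8
    if SECURITY_DIR_INDEX >= num_dirs or entry + 8 > opt + size_of_optional:
        return (0, 0)
    return struct.unpack_from("<II", data, entry)


def has_authenticode_signature(data: bytes) -> bool:
    """True if a certificate table is present and lies inside the file.

    Present is not the same as valid: a blob can be garbage, expired, or
    signed by an untrusted chain. Verify it separately before trusting it.
    """
    offset, size = authenticode_directory(data)
    return offset != 0 and size != 0 and offset + size <= len(data)


def build_minimal_pe(signed: bool, pe32plus: bool = False) -> bytes:
    """Constructed test image (assumption, not the real sample): headers only.

    With signed=True a dummy WIN_CERTIFICATE blob is appended and the security
    directory is pointed at it, which is what a signing tool does to a file.
    """
    e_lfanew = 0x40
    dos_stub = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    machine = 0x8664 if pe32plus else 0x14C          # AMD64 / i386
    dirs_off = 112 if pe32plus else 96               # offset of data directories
    opt_size = dirs_off + 16 * 8                     # 16 directories of 8 bytes
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    struct.pack_into("<I", opt, dirs_off - 4, 16)    # NumberOfRvaAndSizes
    headers_len = len(dos_stub) + 4 + len(coff) + opt_size
    cert_blob = b""
    if signed:
        # WIN_CERTIFICATE: dwLength, wRevision=0x0200, wCertificateType=0x0002
        # (PKCS_SIGNED_DATA). The body is a placeholder, not a real PKCS#7.
        body = b"\x30\x80" + b"\0" * 30
        cert_blob = struct.pack("<IHH", 8 + len(body), 0x0200, 0x0002) + body
        struct.pack_into("<II", opt, dirs_off + SECURITY_DIR_INDEX * 8,
                         headers_len, len(cert_blob))
    return dos_stub + b"PE\0\0" + coff + bytes(opt) + cert_blob


if __name__ == "__main__":
    # Usage: python check_signed.py <file.exe>; without an argument the
    # constructed images are checked instead.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print(sys.argv[1], "signed" if has_authenticode_signature(fh.read()) else "unsigned")
    else:
        for flag in (False, True):
            print("constructed", "signed" if flag else "unsigned",
                  "->", has_authenticode_signature(build_minimal_pe(signed=flag)))
```

This answers only the question the signature asks, namely whether a certificate table exists. A positive result still needs chain validation (for example `Get-AuthenticodeSignature` in PowerShell or `osslsigncode verify`) before it says anything about the publisher, and malware is routinely shipped with stolen or self-signed certificates that would pass this presence check.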

Files

  • ac5d5e9cb4cc58bcbafd35476a881b5546f1c5af723882011d892dcd7cdd7ad6
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

