General

  • Target

    ssss.exe

  • Size

    45KB

  • MD5

    61aa1ca0484e4cd142d4822b78a84801

  • SHA1

    6a06ae589708aea2d0dd02dd04834c74a61be212

  • SHA256

    b1308ef56bc7e4b577a9a69a5144b3d244a93ac1e357af61aee92f8ff0d17213

  • SHA512

    cba75e963549962fcd829d37a700c444f1bed1b5d8474c0709dfbeaf6288acdafcb52b3f9f359589d1dc3691889efc1b0ac094ea4c84e25999d20bab5a92ec78

  • SSDEEP

    768:YZhicZrX93BNDuv9+7bOIiUKkEo8bMkr28bGyVjX:ihicZb9juEb5iUKkEo8bMb8NVjX

Score
10/10

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

BinaryX_Monitor_5435

Attributes
  • delay

    5000

  • install_path

    nothingset

  • port

    888

  • startup_name

    nothingset

Signatures

  • Detect XenoRat Payload 1 IoCs
  • Xenorat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ssss.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


