General

  • Target

    Xeno.exe

  • Size

    104.4MB

  • Sample

    241113-zgd99askfn

  • MD5

    3c971b85f8842cf769f904ae4e144869

  • SHA1

    7269cf329270186d5ee34e92dac1b6c49e05775c

  • SHA256

    7d51b4714e6c10c5ae327fc5f3aaa72ed425632431ee23685fcfbb857bcbd361

  • SHA512

    7392d7cea7f459847c5e3cf3ae0c00f925101e7734e20fce9e4a7e0230ca3e853b9d3a2b70d327d3b6d9f95735712cb3a1b263d098b4d286ce5640d67b837772

  • SSDEEP

    393216:m8s6VWGGPtj01TcuruhPYYFk6RxKrJzNG/6rKkzBchAau6hwNwQgIS+OaqtGCETh:zs0G1Q1Yuru1YtCKrTO6OKbe5rs3wbFM

Score
7/10

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • An obfuscated cmd.exe command-line is typically used to evade detection.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks