e2908acfad5fbfd586c3468dcc4f44249b993d3d9d3f568af9c7d485be7d3573

Sharing

Copy URL

Twitter E-mail

General

Target

Xeno-v1.0.9-x64-New.7z
Size

12.9MB
Sample

241121-m9tjeswlem
MD5

edfce531ec64bd5d481f814cdb2b5124
SHA1

6c1a05bce830ca6cbb81bb97d7d52334faae17b4
SHA256

e2908acfad5fbfd586c3468dcc4f44249b993d3d9d3f568af9c7d485be7d3573
SHA512

b838ddb5b02e834a279cebf94abff68fa0b8a3c034927a77de8b22ebfc42c34661d72954fdb5d622cb407f842a4cf0029961c536d0cd1e006dcb5e203a9bd709
SSDEEP

393216:eQ1/D5ZQ1dK2f93T5ZselcL/NGoJ7B6mmW7WkDu7D:f1/3aFce2/NGoJ4tdEu3

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  Xeno-v1.0.9-x64-New/Xeno.dll
- Size
  
  939KB
- MD5
  
  29ab914d1bf45fa2b4d999623db6a44a
- SHA1
  
  2af8dd013f7f87cf33e9fe95915bebd6d35e73b3
- SHA256
  
  1db967c913802e648fc8c70da9a09f9ba3d5f3ffbf09caf41e4de4ca6f0f54b3
- SHA512
  
  001b2d3ad39c01fb181b30764892267f1d5b09c76baf27ecaabd8df70b276c22b0f96f0944b7239ccd1668e68b112090e766be468dfbd300311c4bec6d79c092
- SSDEEP
  
  12288:AKuHqB3ueaLOh1HwIao596UC8yZKJ5EWnfYE0CIrr2Ky:AdWeOh15v596UC8ydWgHjr2Ky
Score

1^/10
behavioral1
- Target
  
  Xeno-v1.0.9-x64-New/Xeno.exe
- Size
  
  140KB
- MD5
  
  4a2e503ab9a31880995e60ece8784b13
- SHA1
  
  5248db95700f5e600c824e736d8d1223f620ddf8
- SHA256
  
  5a7eb83a45bfb81b23485131a2f80820f3889c69c89257188ec6eb093f375dc9
- SHA512
  
  908f03a9901aea84df72fa70318aacf773ecd76465f5c9495a89c26e48e7c83c0fadce4fe58e1f7567a3a76f125a9245a18a1b5d5b0d076e15baf3c843a093b5
- SSDEEP
  
  3072:rjK4UGDHXrQ8hy7qgpHulWD9ZvZ5Pf3Ca10xuZ04ntfOUhBu7q:rjK4TDUqgpqWDLZ5H+xuZ04nhA
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral2
- Target
  
  Xeno-v1.0.9-x64-New/Xeno.exe.WebView2/EBWebView/Speech Recognition/1.15.0.1/Microsoft.CognitiveServices.Speech.core.dll
- Size
  
  2.6MB
- MD5
  
  0ee2b50c85a110689352fccfa77b5b18
- SHA1
  
  d9ecc4b12d2d50e3cbce40e75edad804c9988b25
- SHA256
  
  62a13d8459e0992c311dc3551bf3c2d1ce167ea7fa40f0ec62193f3bd760b36e
- SHA512
  
  a4f94a05a69b5ae3a0ecf8bdb7592f698d0df81e2f1fae679f38890ad04a2384883837bc792c73848955ff4af7afed49d38839f7ab174454e61919ed78655bff
- SSDEEP
  
  49152:NodIJ85qaIU7ui8DDR5s8L0Oty8CvFqwsNcrCY2/YUZzQ7L9qhV6O8mOn0k10:gEDRwrcAwDl
Score

1^/10
behavioral3
- Target
  
  Xeno-v1.0.9-x64-New/Xeno.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.57/adblock_snippet.js
- Size
  
  2KB
- MD5
  
  f5c93c471485f4b9ab45260518c30267
- SHA1
  
  ee6e09fb23b6f3f402e409a2272521fdd7ad89ed
- SHA256
  
  9aa899e0bf660ee8f894b97c28f05db06cc486915953b7f3b2ff9902fa8da690
- SHA512
  
  e50a1baf20db9bc867e85ab72f9976430e87d8516ca552f9342a5c91822c9e1404e4f915042d48d841cca3fb16fd969bf0aa01195791ce29de63c45814fcdcda
Score

3^/10

execution
behavioral4
- Target
  
  Xeno-v1.0.9-x64-New/XenoUI.dll
- Size
  
  73KB
- MD5
  
  3afc560eeab3dd7c4d4d1efa121e7645
- SHA1
  
  da16e9d49d77ca9af5aad37ba638418253e27eef
- SHA256
  
  962b2f5dfc883b9dfdf0b996c797b7c67da75fbb8a5fdcb965c2ba0d684caa79
- SHA512
  
  7dc2a12412fbfdfe59eb3fd4d2b96bd90fb6bc2b3a3c27c989dd60c7e705f927bd959547c1e15c9ef1df21a388ac3ead189802e12e533a2260c32577c12f9874
- SSDEEP
  
  1536:TAcx01STXu1Acv9p9rhygM/APHV5y67sX85:kcOSTXu1AO97H7Pby6755
Score

1^/10
behavioral5
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/index.html
- Size
  
  164KB
- MD5
  
  001dcbb8f41cdcbf9b4d1e3a0ed4b2d2
- SHA1
  
  982a05814546017c40771e59e7677b53d84787e9
- SHA256
  
  f1d2c52f2803c29585b81d2eff74c56242d27e9619ee6d38081d5604c5bb1951
- SHA512
  
  9a4eba2a9314b6f5851997e1db0ecfae8e40da3443d8a5f9df933ccf6a4d75fc330888c8d14818326e15b3dec9ae2f5f7e73cd08c3822dd7eb0b2d753c8cd8fa
- SSDEEP
  
  3072:Nk4J09UmmJv8kBpZaFD48VOAGUWYPjDZlLJbRBiPEP8yKUz2Ojmjr8zM3KP7pblM:64J09BA3pZaFD48VOAGUWYPjdlLJbRBS
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral6
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/base/worker/workerMain.js
- Size
  
  133KB
- MD5
  
  d0ac5294c58e523cddf25bc6d785fa48
- SHA1
  
  1b3661b6db36f1b14fd80dc9a739bfc69c68dfe5
- SHA256
  
  e90d1a8f116fa74431117a3ad78dde16dde060a4bf7528dfe3d5a3ad6156504b
- SHA512
  
  fea07a1ea5d29a3b4c614248655f4d1ddd94c10c6a6b5c8b428a8b4c0cbec7e7492fa0665c5001e65ce167240ffdfc5ac2c2ed14da3d6f508ae8d8b3c8e8eebb
- SSDEEP
  
  3072:bzjH/zYJc5c/7tMLrJ78II4F9N8+em5W+:XjH/zYJc5c/76LrJ78I7BL
Score

3^/10

execution
behavioral7
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/basic-languages/lua/lua.js
- Size
  
  4KB
- MD5
  
  eebda1fdd970433750c115eae2f03865
- SHA1
  
  3f1a1cddb99dead013eac825eb418241656d4bf0
- SHA256
  
  ac729efb3164f48d6b08f74d4b15060c126a30d40fb4cd4fc9cc94f2e19bd7c7
- SHA512
  
  8b188f3ae73a14a9318dce9761312d9dd2360ab00ee36e83ca6b74288a109c91770954db7537fd84a76707a1e79528fffc97f3a718bcd924545b469a1363c9cb
- SSDEEP
  
  96:HDGAW6FJJJkCO8evcIWtdrvrg+1/sLMiWAOKjLobLMzD:BWCDqC20IWtZD92pzOKvomD
Score

3^/10

execution
behavioral8
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.js
- Size
  
  2.1MB
- MD5
  
  2dc0068cdbc03ce43a75ab0b2df664e2
- SHA1
  
  817a209e179466dc8a14e05eb11a6c1b7e3d71eb
- SHA256
  
  b604b6148f70fe9db882cce2a7d327b2422ad2f203a805491002a8c564e3c3ff
- SHA512
  
  1ce29ed21e027d3552dc05162250bd62d66555f7b9ff48c9c94116d1e696089c32851533e7db30a7507a85b598df8fbf66292904c446536ccd3b2c60209d9d3d
- SSDEEP
  
  24576:jFFExk98EXl2uRJxjP3Ddv6QLtQ2MbRpn:Yxk98EXl2ixjP3Ddv6QLtdMf
Score

3^/10

execution
behavioral9
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.de.js
- Size
  
  46KB
- MD5
  
  d1fd2fb756c73970b9c5e0ba07bff708
- SHA1
  
  470057b3244886dccc9f6074297cc8bc2a9c1b39
- SHA256
  
  cb1c3416ff242a738c45c3b2590d7d222b159a95a69ce3b7b8d7c8d18ea70828
- SHA512
  
  db2432182ff4c85fcca5093d0e433ed9cf5bed3ea3db9ed82fedc87af4d260e0d0f29ff67f0b8ac78e162586a74998ad082a91e8f9a76717827a83d5b2f775cf
- SSDEEP
  
  768:ocuLC1xYdRB1a3Xq1GdigBoQqAaI/QQUEYPxFpXT1kF7bJZYmz7lehjDWMQRBk3Z:oclxgVuXq1GdiRQqAaI/QvEYPxFpDkbg
Score

3^/10

execution
behavioral10
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.es.js
- Size
  
  46KB
- MD5
  
  36f546b28ca17ece9f8eb9bcf8344e13
- SHA1
  
  d43934b9041587799e332b2f568aa81666227258
- SHA256
  
  327437ee3793e9ae0686c78196b459592c282ed2e86f95ce28d32693b76d7654
- SHA512
  
  13f8cc23038c07b6840514db4fc7b503b7a38ae1ec3baab44f1bfbded40ac50ae03c05c754f9678eecd0c8fcefab958152b39b731068b8c2c976c4c57e97f36d
- SSDEEP
  
  768:oX8nKFyVgAYwTQG8zHqIkGMvnmvoKA9OfxjB3EVuU13pjbazPn0ANy7+IkLDKPp9:oMKFyVRcdzHqIkGMvnmvoKA9OfxjB3E5
Score

3^/10

execution
behavioral11
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.fr.js
- Size
  
  49KB
- MD5
  
  1a29080733878dd44e0c118e84cd0c39
- SHA1
  
  60c158e23962b11918f6cae26445fad5b63bc65a
- SHA256
  
  6ed837dc1905c06a20d102921ff06a0bda003c5368ed0576bf7e69494e889ae8
- SHA512
  
  5cc68cabb583100320d7c875fd7c46f5c618c3968ac2a7c2b60f90ec74b29349a557049c17d5c851cabb54d5ef26cd65e8d2288d70b62ede06ee1762e25dbd60
- SSDEEP
  
  768:op8flgb2uZ5CcXQ6Q3edz3uzATaY3l0y+wj90TWIvkU5BkREPTtOjNjZocYV3A4k:owliv5Ccg67SATaYVKPkRskjNGBAa3k
Score

3^/10

execution
behavioral12
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.it.js
- Size
  
  48KB
- MD5
  
  18e88f58301ad5ae926204507ab99c6b
- SHA1
  
  8eb03235312e88b941f3be212c0efa12b24e6d5f
- SHA256
  
  4fe2c4420294758883e134bdf7da9e6c2abf631d3a89c765f32f6c1d0f62653c
- SHA512
  
  f66283ec4182e9062f9f03a83acb3f2a49b98fb9ef67e48eaf5227236919ca279831b822fcb3ae252cfeafd81d12fe9c89a2843d91ab140a2b79b6bbc1d4f013
- SSDEEP
  
  768:opTEy7izsuMa01VaiYR2L8XoXNj8YtvnYbP4ymMb3d/gyKJdnPTrysribj5K3m05:of7fQ2qd4yq2FA1J1qn4VN7CgL
Score

3^/10

execution
behavioral13
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.ja.js
- Size
  
  52KB
- MD5
  
  3bf851cc70f515cbbe1d39da93e4f041
- SHA1
  
  88fe6323bbe14b55b6eec078574318e8474be613
- SHA256
  
  1f3556ea7233843b9e08b3c97b6727c533d702563e195c2090a438070dc85f0f
- SHA512
  
  61ffe9ec3550d2f8dfbc30d7d61327584833bb714a9d2cfc9788449190089dbdeaa293bb9921a43da782e1c36b7d242e13ac052b46210d2e79793626e921169d
- SSDEEP
  
  384:hyd/PwPtm+04LZ+FFHr0ZA9qOSTvvIEveG1vz14NdahWMpA1Uj4vHbX3IPDScLBV:olP4LsIOCaT3lJr/Tvk6892vU1ssD
Score

3^/10

execution
behavioral14
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.js
- Size
  
  38KB
- MD5
  
  e871d4d9539c26d7d2bf32801ebdecf0
- SHA1
  
  711460f619ef09fa23d272d97bfc00593a5319a8
- SHA256
  
  5ff0084e6a7eee82a735616239aaf2190ea9d90e89e19340831f3d590828016a
- SHA512
  
  b6b9bf96c132db9dfc99d70320231630fc46a8a83f500d8e4f677e2d03206364f2666946f69061dcba2e759f005261dae1ece73e054aa56b8210551bc353cced
- SSDEEP
  
  384:hy38McmvQkKEQq4xlX7lrp1E1bIJUeYB4jV87XfVGT3H6Sq6Q4wCJjoce1u6I7JS:o38M7fQq4xPj7+lJcYYKqkGSVetbesy
Score

3^/10

execution
behavioral15
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.ko.js
- Size
  
  46KB
- MD5
  
  60fcd422ac97a1b645ff48cb6928f7af
- SHA1
  
  da5b57dfbd257720155e303f0e75e263f0e74190
- SHA256
  
  98e649fa40d8e2ccfdc212341feb8165a7d7bbec31e8a77d9819ad9474e4b8ba
- SHA512
  
  52439f47f1e12ccf37db40f9fa8fa4966579cd6b327cde1768187cd7fdc7ebdd444e1953e29ed09bdced40d764c2e8f7131d44908c00bfd350e856a9df661aa4
- SSDEEP
  
  768:oNOnmkUxK1pLkKgljQM1r0xXDj8kE6q2XlGZrAPPvzcDzr5u1QrWp4cX6go:o4ZUxKgKzxzrE63GZrAPPkrmQKp4cX6L
Score

3^/10

execution
behavioral16
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.ru.js
- Size
  
  75KB
- MD5
  
  6e7d5b984917b00f131c47473ce2b866
- SHA1
  
  97f94134ff8f73ab48c0635550f2d8054c239c7f
- SHA256
  
  1bb069d95a395bf258d1f262814591aa762c4b30529adde32ccbcaa7c7ca508d
- SHA512
  
  f2595e7e1812073c50bfa058db3c7918dd8d7a6f0d20a576c68d854a4c61ed74bef3ad5ab23430567065677d737d81c7f17010055a069b9e38b5594d65e882a0
- SSDEEP
  
  1536:ox/PFmMhjpIMbBBKOXnPCSHhiaV6can9oA2yG+YQI/Y:QbhjpIcB8OXdHhiXcanGA2yGiI/Y
Score

3^/10

execution
behavioral17
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.zh-cn.js
- Size
  
  36KB
- MD5
  
  05e49314cf801f5d3992b55243690ea7
- SHA1
  
  c20fca9f037adf2edec34ccf67a08e56d1d71bbf
- SHA256
  
  e9adc8ffca9853ef6e0bd4e955af9f395a570bc7772fc2dac0c0ff241aac864b
- SHA512
  
  7d499b41ae9bee2e72b721a49c0d053029624b19af1ede71a4378e14d3f6b407539c18d29422fb8d21681ce7dc160d2f11e80064017f5c8a5f645d6c1a77cc75
- SSDEEP
  
  768:oJbVMLHwwytIMTAlthuIjOP4CAz9NlL2/AdszzHsVBI/C4j00llmR+V66U:odPPZ+huIjTszzHs3IXj00llmMV6j
Score

3^/10

execution
behavioral18
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/editor/editor.main.nls.zh-tw.js
- Size
  
  36KB
- MD5
  
  becbf441d95b0bc1565faf47ce9de373
- SHA1
  
  f660a8a29dc9861f7ff7e228622d492f1630b873
- SHA256
  
  94a7ff81b8ec3217a46bc5cdebe2c6aee98f73e6e902b7d9cf394836d052bbe5
- SHA512
  
  feee8ef6e36984309186b8ff491982efe4f144859c3f48d147b26bd61af6af751e013a951e945f02a2057368b485204734f6dc50cd6fca6294426b7fbdbcaa4f
- SSDEEP
  
  768:ozietcy+xQHM2k00fZvOHRUJdFF/JlN+QVtWrn05IxXUeqJ1wrv6Vl900U1LjK1G:o3sxQHM24ZvtdFF/zN+Q2LUeqJ1wrv6y
Score

3^/10

execution
behavioral19
- Target
  
  Xeno-v1.0.9-x64-New/bin/Monaco/vs/loader.js
- Size
  
  29KB
- MD5
  
  bc15bb48d4d5c60ce7f16819f4d988c4
- SHA1
  
  87c7f328aa357d52b68b2cea0a214365a40cdc36
- SHA256
  
  5c3cf09973404ba31d760952f267751ef2bb09f315331d13ca432b65ce2c480b
- SHA512
  
  b5d7481773cafd01f3d738949a54e49c166c9a8fea3a150f6f0eed7449176d630991e27544a4e7b23fdad29700ae7fbba5de42f97c69874b6f2ad374194a9853
- SSDEEP
  
  768:o7J6CgCAqoxgiwYeMX/so92s8hHlDmc0yvrCfS5kUN+WV+X7:oV6lC8fwYeFKcV5k
Score

3^/10

execution
behavioral20
- Target
  
  Xeno-v1.0.9-x64-New/libcrypto-3-x64.dll
- Size
  
  4.5MB
- MD5
  
  e3e4236c4483dbe1bc5954fd63c965b8
- SHA1
  
  ae8b364d2e43221466f2aa3f3c9412a713214c53
- SHA256
  
  923d7641e3655c627b80dfd63bd5e701a26e9b8b6186d56b901a60cb57494901
- SHA512
  
  7130ee5db3c7570f68b454df138926ac710e9095f1e4ff7d74ef0e329e793d20fe95eb6409730203cc706410c3efd2cf6b1c1eab26a655d29a1f74673cc8abc8
- SSDEEP
  
  98304:Al+fYmGXMIW67HknPRy41CPwDvt3uFGCC:cddXMIW67HknJy41CPwDvt3uFGCC
Score

1^/10
behavioral21
- Target
  
  Xeno-v1.0.9-x64-New/libssl-3-x64.dll
- Size
  
  802KB
- MD5
  
  4e2a30eba5388b0fe1838137a61ac255
- SHA1
  
  b6563a03f357478632d38f0f5ed28feb2af2ccf8
- SHA256
  
  ce0c322e48b95a719cd51728471e04197448d9f2ae1d0be0c99a745833dfd3a2
- SHA512
  
  4480c658eb4e3563f2622ba2a7f1f80a73e1f5aa27753030e1a7a8ca3abf07656067604e8042ca943d9cefc2524c830250dacf08ea7fc45d3bd7fa963b579917
- SSDEEP
  
  12288:SNQOYbewmdoyf/gLyfF/26v4yl/kP+1+MMDcdEVB3y:Szsmdo6PZ/O+oMMIdEVB3y
Score

1^/10
behavioral22
- Target
  
  Xeno-v1.0.9-x64-New/runtimes/win-x64/native/WebView2Loader.dll
- Size
  
  161KB
- MD5
  
  c5f0c46e91f354c58ecec864614157d7
- SHA1
  
  cb6f85c0b716b4fc3810deb3eb9053beb07e803c
- SHA256
  
  465a7ddfb3a0da4c3965daf2ad6ac7548513f42329b58aebc337311c10ea0a6f
- SHA512
  
  287756078aa08130907bd8601b957e9e006cef9f5c6765df25cfaa64ddd0fff7d92ffa11f10a00a4028687f3220efda8c64008dbcf205bedae5da296e3896e91
- SSDEEP
  
  3072:7evoTTlTRTyiuPThTNTKm81SbbMYSPLNsknZiZ2HZ5AaliiT88FEtJ57dXSvlCW:HTlTRTyiuPThTNTKmFQdhsknZiMHfEti
Score

1^/10
behavioral23
- Target
  
  Xeno-v1.0.9-x64-New/runtimes/win-x86/native/WebView2Loader.dll
- Size
  
  113KB
- MD5
  
  9d7744e15bb8e3d005079b18979c8544
- SHA1
  
  7b326c96e5f3f6baaf6e9390b119a4ffb3df2c64
- SHA256
  
  cc2f661aac9c05646933f717e629a69be93d8d06803066289d6dc1105aac6cd2
- SHA512
  
  732fd17714ec5ef0afd8f17d06adc895e93bea4585b6b1dabcf95c3fbe808e7b31a19c13cccfac0b30cd425cf96926749a0373a861f55fa8db442430803f4a25
- SSDEEP
  
  3072:rJ7FfqJR70vRq2KVsCKKa/gqeNZ/TvxEtJlAlp8Ugr4fm9IxK:r7fqJRQY0RKD5EtJeTMr2mV
Score

3^/10

discovery
behavioral24
- Target
  
  Xeno-v1.0.9-x64-New/scripts/Dex.lua
- Size
  
  410KB
- MD5
  
  e37374a8aa47cf8ac6d56901436e199f
- SHA1
  
  5d62f5db07614f3b548702faa4f7a06e235c9b12
- SHA256
  
  47cc5f1102fda0eba76b9570a1b943326f2170f270d5280e1f8dd5723c43fc14
- SHA512
  
  efee19e8109a48d49f099dd1767c722935123c4ea4d6e0ab905703e16fcb7196d31c45826d4398a5b7249e686ca90db3f671416909ce3440d4709edf1bd55775
- SSDEEP
  
  6144:X+B5OQiY5mqWM4Kg9HHj/B7TjmmDLmogQcEZVTkJuMap1PBPY9ZSnJm7xoiZDDHQ:RQ90qWM4Kg9HHj/B7TjHKi
Score

3^/10

execution
behavioral25
- Target
  
  Xeno-v1.0.9-x64-New/scripts/Infinite Yield.lua
- Size
  
  469KB
- MD5
  
  a8c69257b0db73b3e531d62cd872bc8b
- SHA1
  
  60c80decdad7e16869134a8c11a056298c628da6
- SHA256
  
  46b69f4be7ded4ac60c39255cfcd39357be8dcee7e60ad34ca53d909aa6e509a
- SHA512
  
  35d4211fb76971e3d6918a85ed57a0c4dbb51843b87f5f8a4568e5facfdb44627c111130c78eb7821f7a644a652bdc28caad9350bf8b317dc223aa13a23e6dca
- SSDEEP
  
  6144:5krLwE7/CNTtOWNhcWcRNY9gIBuQulO7oFo5n4Xd9wDhoQhGZtUi8/1j304U48ux:5krLwEtWHjgYQFOn4XE+po
Score

3^/10

execution
behavioral26
- Target
  
  Xeno-v1.0.9-x64-New/scripts/UNCCheckEnv.lua
- Size
  
  28KB
- MD5
  
  b76726d10354343d9af5c268e40b47c4
- SHA1
  
  7103c78071be0c65c8b3a217168cf7909aef748e
- SHA256
  
  e8d53406c916b8e827c65c8f00d8a18b1379e693fd0379e8116e749bdf860cf5
- SHA512
  
  5caffd8a06058e890fe4ae35430539281cf53fa791221189f0f6660778a83fa42cc3e5374ce06ff325420d92006c2bfe1003f1486714e889964075da66b046eb
- SSDEEP
  
  768:JopEYRzOKMrGrE7BWf9r+T+f9TkIuP4hUUsbU8FqQFBF5UXzRFEe3cSG5Sg/i5rx:JEKcZuy9p
Score

3^/10

execution
behavioral27
- Target
  
  Xeno-v1.0.9-x64-New/workspace/2529a5f9dfddd5523ca4e22f21cceffa-cache.lua
- Size
  
  216KB
- MD5
  
  677f110008383ffe9a245c1616395796
- SHA1
  
  c08bf85f87c91c6b30f9d93d91d79aa651c4e3d7
- SHA256
  
  ddae15772a298d3c3e1c82f04107a74a8f92a743833711222846884100a29305
- SHA512
  
  41c6a840c8a12ec69fcc93666a86a1791619a8dcc7e849c7c4600ed3e32b6a91935f82870fccf7a88b696d20f5cbe5d866353d2ebc02a7709a4a57384d904b2a
- SSDEEP
  
  3072:MQFHEoy1XlvzNcrj+2sOofoaxZ/3NtLgdoaNg1BfCWPu6VksAaUWoU:LHEzhdzNcf+B3foK/3Nt8gf12Qks3oU
Score

3^/10

execution
behavioral28
- Target
  
  Xeno-v1.0.9-x64-New/workspace/4489d604bc8b7a94c3ebe08394248e28-cache.lua
- Size
  
  278KB
- MD5
  
  3097e45383ca4fe9d066f518134bd234
- SHA1
  
  23a6c0ac512ef7f1b41bed584cfed188d78e495a
- SHA256
  
  34258e99f0f1cd357296c77cb380a680bee1127493852c28d197207531729b89
- SHA512
  
  00f6c5d3ccf39a3edb0d87fb6a468608840e088dd7303c4aa7324628e52b26a0558a7707d255bd86006bffa0e1548c9a7df09f4e982bf70a455af7e05b30dd35
- SSDEEP
  
  6144:WsS4XDi2W2CqZVFd4K7KZOUVrR+WYH7mcSeAD7DKsS4jH:W5482CuVFd4K7XUhR+ZH7mcSlzKsrH
Score

3^/10

execution
behavioral29
- Target
  
  Xeno-v1.0.9-x64-New/workspace/4dff2b0bc5132ef1d3505e1ec183c066-cache.lua
- Size
  
  304KB
- MD5
  
  41260eca1bb5dedecf586851004f79d4
- SHA1
  
  5eb1066e81d638f6bda40849870ba48ec99107f3
- SHA256
  
  5ee2baa72d8ed8d4973366d355718f4abec08ae6f92581de41103aed366bb7ff
- SHA512
  
  8b06a28a75fab5e5b094cb48ddd4dbf7a95aa299ce7e2e52d37ca616b722731cbef29763b1490e13bb5fa9094252616a546890a4ed7f4bfc9e6087cfeb1e7bd9
- SSDEEP
  
  6144:BmxUYrGRRC87GYr2yNkj8PVbFZvMANCj7NTeyQAd94ZD5j:B8UYuRCoGYr2yNkKVbvnNCj9eyQXZdj
Score

3^/10

execution
behavioral30
- Target
  
  Xeno-v1.0.9-x64-New/xxhash.dll
- Size
  
  46KB
- MD5
  
  0e9fecea29b2b3d5ef064e112436e9d1
- SHA1
  
  69423218652f7837766ce03fe9edeaf751266cc5
- SHA256
  
  73c84884a2ccde1d10bec0820a6661920e70e4b53fa99ad510acf5ed1b36af97
- SHA512
  
  bd57bc9b8298faffc091b928537794a50c81d985d60edba7863e2976846cb08fd469c6054ff7ec574df6f0a2aea1fb72ed9cff44fa219e834129876293cd2e93
- SSDEEP
  
  768:SAziPp7yW4k3QDn24NuDUSu0MKQVMNKuxYAuogba4Mk3Qi9fCCFmj6I2:SAziR74kgDn2rDRuIrN5mAvgbTgihCCp
Score

1^/10
behavioral31
- Target
  
  Xeno-v1.0.9-x64-New/zstd.dll
- Size
  
  638KB
- MD5
  
  567198a0119e3e2ec94208f1cda7aa28
- SHA1
  
  350224b13d1cc2f944a4a2bdd951e9ef80be5784
- SHA256
  
  6c63d08182dede465c95e48a235894e598a61cc24e0ba4556637cc9c1a1e0951
- SHA512
  
  ed01636af37932dca7aa7709389dba184e16f93aa3be4fe622850df0f791c85111367a10434edf0c986079069a3574e0acdbbac4d9cae9c58fc01f9f034f40ec
- SSDEEP
  
  6144:IbauYl+rrR8uT4uB5uWYfO16oMynnjDHM8YHb96pddEybNFZeW8aLx492bDKIbbW:IbauYGT5BYMxjDHM809sddEyb9eWo2W
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32