General
-
Target
https://github.com/thunder21wave/Xeno-Executor
-
Sample
241208-ada1zs1ngw
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://github.com/thunder21wave/Xeno-Executor
Resource
win10v2004-20241007-en
windows10-2004-x64
21 signatures
300 seconds
Malware Config
Extracted
Family
meduza
C2
5.252.155.28
Attributes
-
anti_dbg
true
-
anti_vm
true
-
build_name
703
-
extensions
none
-
grabber_max_size
1.048576e+06
-
links
none
-
port
15666
-
self_destruct
true
Targets
-
-
Target
https://github.com/thunder21wave/Xeno-Executor
Score10/10-
Meduza Stealer payload
-
Meduza family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-