xenorat | 85bc7adc6913a473d263e91d8bd856e1bffb92f2475ac0ebbeb622a19becad80 | Triage

Sharing

General

Target

872-64-0x0000000000400000-0x0000000000412000-memory.dmp
Size

72KB
Sample

241211-lvbvdssjhn
MD5

2e7b577be168dd21034e5df587f7f96a
SHA1

164f7e384a9efc92a3635f5051efa2b1b97d8936
SHA256

85bc7adc6913a473d263e91d8bd856e1bffb92f2475ac0ebbeb622a19becad80
SHA512

f8e202c12879326645b84f92d78889b755d2481309ca1f616adcbcb25562fadf808d71433c72bfdd1c11a70f9088f84ac1041c2a1912eab952623aee3a01a66e
SSDEEP

768:ASisJmceOodDt9gTjsZjGsdHbtm+jaqTN+8NV:6sJmfO6DEUZ/Hbt3PEUV

Score

10^/10

xenorat

Malware Config

Extracted

Family

xenorat

C2

dns.stipamana.com

Mutex

Xeno_rat_nd8912d

Attributes

delay
12000
install_path
appdata
port
4567
startup_name
mrec

Targets

- Target
  
  872-64-0x0000000000400000-0x0000000000412000-memory.dmp
- Size
  
  72KB
- MD5
  
  2e7b577be168dd21034e5df587f7f96a
- SHA1
  
  164f7e384a9efc92a3635f5051efa2b1b97d8936
- SHA256
  
  85bc7adc6913a473d263e91d8bd856e1bffb92f2475ac0ebbeb622a19becad80
- SHA512
  
  f8e202c12879326645b84f92d78889b755d2481309ca1f616adcbcb25562fadf808d71433c72bfdd1c11a70f9088f84ac1041c2a1912eab952623aee3a01a66e
- SSDEEP
  
  768:ASisJmceOodDt9gTjsZjGsdHbtm+jaqTN+8NV:6sJmfO6DEUZ/Hbt3PEUV
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2