General
-
Target
Xeno.exe
-
Size
7.0MB
-
Sample
241214-jbsmpaxlal
-
MD5
4cada3a12ec0ee75e590026cadbf82b7
-
SHA1
9454d5eff1fe850cad41f7074cd88b6afc059f2e
-
SHA256
7982ef7df2aee22865b90faff6823404718065e2f3560009b7b8b418d72b12d6
-
SHA512
8b55efd43497a1bf1c6e6db3502c32c8ed278661a8a33d55647fc17ab914a4662bf612b1d13ea932bb3c3f14dcd03ffa14c4a0ae338f83b1644aa193598b2727
-
SSDEEP
98304:UtevITBg6zamaHl3Ne4i3lqoFhTWrf9eQc0MJYzwZNqkzmas5J1n6ksB0rNHMk:UGIieNlpYfMQc2sEhn6ksqZ
Behavioral task
behavioral1
Sample
Xeno.exe
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
Xeno.exe
-
Size
7.0MB
-
MD5
4cada3a12ec0ee75e590026cadbf82b7
-
SHA1
9454d5eff1fe850cad41f7074cd88b6afc059f2e
-
SHA256
7982ef7df2aee22865b90faff6823404718065e2f3560009b7b8b418d72b12d6
-
SHA512
8b55efd43497a1bf1c6e6db3502c32c8ed278661a8a33d55647fc17ab914a4662bf612b1d13ea932bb3c3f14dcd03ffa14c4a0ae338f83b1644aa193598b2727
-
SSDEEP
98304:UtevITBg6zamaHl3Ne4i3lqoFhTWrf9eQc0MJYzwZNqkzmas5J1n6ksB0rNHMk:UGIieNlpYfMQc2sEhn6ksqZ
-
Drops file in Drivers directory
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Enumerates processes with tasklist
-
Hide Artifacts: Hidden Files and Directories
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Obfuscated Files or Information
1Command Obfuscation
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
3Credentials In Files
3