xred | 1b4fe6ccb606f9f033a2789f53c0166e5c6170e83ca642a8acac940e52d7a363 | Triage

Sharing

General

Target

1b4fe6ccb606f9f033a2789f53c0166e5c6170e83ca642a8acac940e52d7a363.exe
Size

3.0MB
Sample

241217-29dwastlcl
MD5

dc96cfc28f64f3866fbd3f3d1962a5c9
SHA1

c08c0b2ba31b579714c754d54f50747de18f40ad
SHA256

1b4fe6ccb606f9f033a2789f53c0166e5c6170e83ca642a8acac940e52d7a363
SHA512

e32438d5e93200d51261aad303e70e16ac2c13187bfa0098f2e03b35fccd4d69f8b82057f96666c049049c9d7fc08ce3b442224ff2d2aaf293c762c3f2c89ddd
SSDEEP

49152:q+nsHyjtk2MYCIGevWnsHyjtIMYC5GuvunsHyjtk2MYC5GDZJ9DnxNo:xnsmtk2D0nsmtIaEnsmtk2aQ1nxO

Score

10^/10

xred discovery

Malware Config

Extracted

Family

xred

C2

xred.mooo.com

Attributes

email
[email protected]
payload_url
http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978

https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download

https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1

http://xred.site50.net/syn/SUpdate.ini

https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download

https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

http://xred.site50.net/syn/Synaptics.rar

https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download

https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1

http://xred.site50.net/syn/SSLLibrary.dll

Targets

- Target
  
  1b4fe6ccb606f9f033a2789f53c0166e5c6170e83ca642a8acac940e52d7a363.exe
- Size
  
  3.0MB
- MD5
  
  dc96cfc28f64f3866fbd3f3d1962a5c9
- SHA1
  
  c08c0b2ba31b579714c754d54f50747de18f40ad
- SHA256
  
  1b4fe6ccb606f9f033a2789f53c0166e5c6170e83ca642a8acac940e52d7a363
- SHA512
  
  e32438d5e93200d51261aad303e70e16ac2c13187bfa0098f2e03b35fccd4d69f8b82057f96666c049049c9d7fc08ce3b442224ff2d2aaf293c762c3f2c89ddd
- SSDEEP
  
  49152:q+nsHyjtk2MYCIGevWnsHyjtIMYC5GuvunsHyjtk2MYC5GDZJ9DnxNo:xnsmtk2D0nsmtIaEnsmtk2aQ1nxO
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2