General
-
Target
Xenox Exploit.exe
-
Size
7.5MB
-
Sample
241223-v4fpdawmcm
-
MD5
095cfc6cc2bfb81d87d26607d65768d1
-
SHA1
4af4706852b9afcae603db5e7e9fa63953e3ae62
-
SHA256
3e9c3921efb283bcbf868d46fba477b990ebb2ee2eb629d258d3e179ea333b36
-
SHA512
85bcea3dfb806353d2bf0bfd5c08adb3c654fba03464bcf8bb0af29ca8868b792e401224d22851dc5059d0d56a7e1b288e60d522ddc8fdae8caa219478a97a7c
-
SSDEEP
196608:58QCwVxurErvI9pWjgN3ZdahF0pbH1AY7WtQsNo/03vC1Z:rVxurEUWjqeWx06rYYZ
Behavioral task
behavioral1
Sample
Xenox Exploit.exe
Resource
win10ltsc2021-20241211-en
Malware Config
Targets
-
-
Target
Xenox Exploit.exe
-
Size
7.5MB
-
MD5
095cfc6cc2bfb81d87d26607d65768d1
-
SHA1
4af4706852b9afcae603db5e7e9fa63953e3ae62
-
SHA256
3e9c3921efb283bcbf868d46fba477b990ebb2ee2eb629d258d3e179ea333b36
-
SHA512
85bcea3dfb806353d2bf0bfd5c08adb3c654fba03464bcf8bb0af29ca8868b792e401224d22851dc5059d0d56a7e1b288e60d522ddc8fdae8caa219478a97a7c
-
SSDEEP
196608:58QCwVxurErvI9pWjgN3ZdahF0pbH1AY7WtQsNo/03vC1Z:rVxurEUWjqeWx06rYYZ
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Enumerates processes with tasklist
-
Hide Artifacts: Hidden Files and Directories
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
1Obfuscated Files or Information
1Command Obfuscation
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
3Credentials In Files
3