General
-
Target
afa5e2493e33deda3523c8173b76c579e8f032963380dd993ebe6002b59adda7.exe
-
Size
45KB
-
MD5
72a63021940e863f0c9d5f1d940f0d7b
-
SHA1
06b7094e9c1ca39bff561de7cb79e3aa08851065
-
SHA256
afa5e2493e33deda3523c8173b76c579e8f032963380dd993ebe6002b59adda7
-
SHA512
83f2f71bf72a5cee588acae4910c0cf364866f4ff564acb6b076358ed3557bdfe33b8c4ffb6fe4b7303fd091d783a6a4bb4aa4f5ee5e90b04be64a937e6f9315
-
SSDEEP
768:RdhO/poiiUcjlJInY9SH9Xqk5nWEZ5SbTDazuI7CPW55Y:Pw+jjgnYoH9XqcnW85SbT+uIxY
Score
10/10
Malware Config
Extracted
Family
xenorat
C2
79.134.225.73
Mutex
Xeno_rat_nd8912d
Attributes
-
delay
5000
-
install_path
appdata
-
port
4448
-
startup_name
Registry
Signatures
-
Detect XenoRat Payload 1 IoCs
-
Xenorat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
afa5e2493e33deda3523c8173b76c579e8f032963380dd993ebe6002b59adda7.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections