Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
10Static
static
3Xeno-v1.1....re.dll
windows10-2004-x64
10Xeno-v1.1....ms.dll
windows10-2004-x64
1Xeno-v1.1....pf.dll
windows10-2004-x64
1Xeno-v1.1....on.dll
windows10-2004-x64
1Xeno-v1.1....no.dll
windows10-2004-x64
1Xeno-v1.1....no.exe
windows10-2004-x64
6Xeno-v1.1....UI.exe
windows10-2004-x64
1Xeno-v1.1....-0.dll
windows10-2004-x64
1Xeno-v1.1....-0.dll
windows10-2004-x64
1Xeno-v1.1....-0.dll
windows10-2004-x64
1Xeno-v1.1....-0.dll
windows10-2004-x64
1Xeno-v1.1....-0.dll
windows10-2004-x64
1Xeno-v1.1....-0.dll
windows10-2004-x64
1Xeno-v1.1....-0.dll
windows10-2004-x64
1Xeno-v1.1....-0.dll
windows10-2004-x64
1Xeno-v1.1....x.html
windows10-2004-x64
6Xeno-v1.1....ain.js
windows10-2004-x64
3Xeno-v1.1....lua.js
windows10-2004-x64
3Xeno-v1.1....ain.js
windows10-2004-x64
3Xeno-v1.1....64.dll
windows10-2004-x64
1Xeno-v1.1....40.dll
windows10-2004-x64
3Xeno-v1.1....er.dll
windows10-2004-x64
1Xeno-v1.1....er.dll
windows10-2004-x64
1Xeno-v1.1....er.dll
windows10-2004-x64
3Xeno-v1.1....Env.js
windows10-2004-x64
3Xeno-v1.1....40.dll
windows10-2004-x64
1Xeno-v1.1...._1.dll
windows10-2004-x64
1General
-
Target
Xeno-v1.1.35-x64.zip
-
Size
4.5MB
-
Sample
250125-12vcmstlgp
-
MD5
e25c06ef5aef8325bdf8b74033e35452
-
SHA1
0af4104148f41c51f86c2c2e02f8c37ecf4f86f6
-
SHA256
9f328d14e20db68a02f42fe7f21818a0aeb9e0c368e1f9a98a13044aee7fd29c
-
SHA512
b45faafff0162b88d5d0273fd0acefbc91c0e3fc21e24be4e8bbd6e9c57ae17bc2670c7632549d74c6f4f86b9fd69128e8bef218d2655ea9cb476323fb80a540
-
SSDEEP
98304:Oma6OMyjrm+WwdjTmDh/BRFQNM74slPUDtgoCrEhxGMZLvrylQQOJgq:JaUyP9WWjTml/3bZUpn7GMZbOe7Jgq
Static task
static1
Behavioral task
behavioral1
Sample
Xeno-v1.1.35-x64/Microsoft.Web.WebView2.Core.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral2
Sample
Xeno-v1.1.35-x64/Microsoft.Web.WebView2.WinForms.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Xeno-v1.1.35-x64/Microsoft.Web.WebView2.Wpf.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral4
Sample
Xeno-v1.1.35-x64/Newtonsoft.Json.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
Xeno-v1.1.35-x64/Xeno.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral6
Sample
Xeno-v1.1.35-x64/Xeno.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
Xeno-v1.1.35-x64/XenoUI.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral8
Sample
Xeno-v1.1.35-x64/api-ms-win-crt-convert-l1-1-0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Xeno-v1.1.35-x64/api-ms-win-crt-filesystem-l1-1-0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral10
Sample
Xeno-v1.1.35-x64/api-ms-win-crt-heap-l1-1-0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
Xeno-v1.1.35-x64/api-ms-win-crt-locale-l1-1-0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral12
Sample
Xeno-v1.1.35-x64/api-ms-win-crt-math-l1-1-0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Xeno-v1.1.35-x64/api-ms-win-crt-runtime-l1-1-0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral14
Sample
Xeno-v1.1.35-x64/api-ms-win-crt-stdio-l1-1-0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
Xeno-v1.1.35-x64/api-ms-win-crt-string-l1-1-0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral16
Sample
Xeno-v1.1.35-x64/bin/Monaco/index.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
Xeno-v1.1.35-x64/bin/Monaco/vs/base/worker/workerMain.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral18
Sample
Xeno-v1.1.35-x64/bin/Monaco/vs/basic-languages/lua/lua.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Xeno-v1.1.35-x64/bin/Monaco/vs/editor/editor.main.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral20
Sample
Xeno-v1.1.35-x64/libssl-3-x64.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
Xeno-v1.1.35-x64/msvcp140.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral22
Sample
Xeno-v1.1.35-x64/runtimes/win-arm64/native/WebView2Loader.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
Xeno-v1.1.35-x64/runtimes/win-x64/native/WebView2Loader.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral24
Sample
Xeno-v1.1.35-x64/runtimes/win-x86/native/WebView2Loader.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
Xeno-v1.1.35-x64/scripts/UNCCheckEnv.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral26
Sample
Xeno-v1.1.35-x64/vcruntime140.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
Xeno-v1.1.35-x64/vcruntime140_1.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Xeno-v1.1.35-x64/Microsoft.Web.WebView2.Core.dll
-
Size
557KB
-
MD5
b037ca44fd19b8eedb6d5b9de3e48469
-
SHA1
1f328389c62cf673b3de97e1869c139d2543494e
-
SHA256
11e88b2ca921e5c88f64567f11bd83cbc396c10365d40972f3359fcc7965d197
-
SHA512
fa89ab3347fd57486cf3064ad164574f70e2c2b77c382785479bfd5ab50caa0881de3c2763a0932feac2faaf09479ef699a04ba202866dc7e92640246ba9598b
-
SSDEEP
12288:6CxswUBor35JrpQ322zy+uFKcDoRFNCMmeA+imQ269pRFZNIEJdIEY0lxEIPrEIE:6Cbmv
-
Downloads MZ/PE file
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
Legitimate hosting services abused for malware hosting/C2
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
Probable phishing domain
-
-
-
Target
Xeno-v1.1.35-x64/Microsoft.Web.WebView2.WinForms.dll
-
Size
37KB
-
MD5
8153423918c8cbf54b44acec01f1d6c2
-
SHA1
f0c3c5412b809725e6d4809230adb15cc7d83ad2
-
SHA256
5696366f7458da940cc986dc5d3d4549a2368512acd769014ecbb07b47bd88b4
-
SHA512
f3dc771e37c71479d332142ec5a9c5c3f39ca71937f595a0f7482ae5aaaafd92e932efc9b0363d4511d547f3c8b2e0497ebbf8356e7d07fc344f4e5715b0ee87
-
SSDEEP
768:1sjCEEHJ9l0EeFZ2sxIHzttZDgcEST3p4Jjrjh2jJ+SG2au8vxJKia5/Zi/ZGQKk:wCEB15azttZDgcEST3p4JjrjaJ+SG2a/
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/Microsoft.Web.WebView2.Wpf.dll
-
Size
50KB
-
MD5
4a292c5c2abf1aab91dee8eecafe0ab6
-
SHA1
369e788108e5fb0608a803fa2e5a06690b4464b5
-
SHA256
b628d6133bf57b7482a49aa158e45b078df73ee7d33137ac1336d24ac67ed1b4
-
SHA512
ca22adfff9789730e4c02343e320d80b8466cfc5a15f662cefe376b7ee29dea571004c1c26cd3f50c0d24e646f2b36b53fa86835678f46f335d65eec52431cde
-
SSDEEP
1536:gpGhWMhWLF9jwKi8LDP/ryEH0GBy4JjrD1aah/UaOzk6hKKa5/Bi/IGCv0Z0T6Cc:taBi8LDP/b0GBy4JjrD1aah/UaOzk6hz
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/Newtonsoft.Json.dll
-
Size
695KB
-
MD5
adf3e3eecde20b7c9661e9c47106a14a
-
SHA1
f3130f7fd4b414b5aec04eb87ed800eb84dd2154
-
SHA256
22c649f75fce5be7c7ccda8880473b634ef69ecf33f5d1ab8ad892caf47d5a07
-
SHA512
6a644bfd4544950ed2d39190393b716c8314f551488380ec8bd35b5062aa143342dfd145e92e3b6b81e80285cac108d201b6bbd160cb768dc002c49f4c603c0b
-
SSDEEP
12288:mFIM0KteTMN4Or4D3OdmZg5WHEaEDIGBBjgrIQtD+tVqDMW:6zMTMNNd+g5Wk78GBBjgrIQtDF
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/Xeno.dll
-
Size
1.2MB
-
MD5
8363219b62cf490fea5571d5b779c174
-
SHA1
3d259f711d21053b7323a740e8c256ca77c64efd
-
SHA256
9840c97b35afb77418d541ef2f1b5da93c0d7d9632c334ec7444ceadeb0f9fa8
-
SHA512
70874a58bbcc263e1c929e479bde31e731cb26cec6a51081f3d33ae37be32b4c9e96a36306d997f12a81e0867bc13a0c32baf14c52b9f1dfab894decf7305a22
-
SSDEEP
24576:9G0w6ywcoFdPEb8j3+ClaySrLH7+4r3e7540eFMWFFpKc:9G0w6OaZlaxfHy4r3e75w9F
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/Xeno.exe
-
Size
140KB
-
MD5
f0d6a8ef8299c5f15732a011d90b0be1
-
SHA1
5d2e6cc0bd4f1e810808f2a284f6c2a30b21edcf
-
SHA256
326bae0bd1398234dcef4c3d71f00e30cc9b447fa963e21d6f29605f42bb7e5b
-
SHA512
5b9f1517949a7fa9fdb7413146632d21a4208dc92823b673af85963ae5cc7f827b3ba27f3e9c5554c45e726ad159aac77d30306acc3559bd8712534e41ff0f27
-
SSDEEP
3072:2hK4Uay3XrQ8habqgp9pC9Z6p5uf3C6k0xuZ04ntfxDhBury:2hK4XycqgpfCup5sVxuZ04bhA
Score6/10-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Xeno-v1.1.35-x64/XenoUI.dll
-
Size
95KB
-
MD5
38246fb0d91772bb188b74956fcac653
-
SHA1
5b513501576bfd408c002bc7e3937222bd5880da
-
SHA256
5467a08450f3330e5aecfcac90b7e2f6005b7031b2e900c6080e894ff435223a
-
SHA512
66c2db8045386a2e3cf43cd56c9fc72d34108a4092fec0ef83c4817a6e2484ddde4d3366228532cbe60bff02d6e28b6c7354c749db955de236396dc29116251a
-
SSDEEP
1536:htOb8p1vRzSfcuafx2WR42zxMVY6dTPrvWa5riimh3VuM/APHV5y6SlSW8lXR:hEbfWytdTPrvWAPuw7Pby6S+lXR
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/api-ms-win-crt-convert-l1-1-0.dll
-
Size
15KB
-
MD5
c8dbf0ca88facfe87899168a7f7db52c
-
SHA1
e2cf163ad067b5d3b19908a71ed393711f66cd09
-
SHA256
94b6e91b93c2202dabd659bff294bee87c22897a30a6b4930b49051c2fb502dc
-
SHA512
e85c738f5d5a0ae6c3ef75a082712cb3cf2feae4560d316cb110e4eaf3a97d6058d5374da2a5edde39c3114f9aff8a027cbdff8cf49be2425943bac09c39e70b
-
SSDEEP
192:w89M0wd8dc9cy1WphWWD1S8f4DBQABJt9o0Z5uE7Mqnajcno:wt0wd8xy1WphWWD1IDBRJtO0zuOMlAo
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/api-ms-win-crt-filesystem-l1-1-0.dll
-
Size
13KB
-
MD5
42a2a95f1bb940d01f55eb1674a81fe2
-
SHA1
f982f3bbb4dc3aaaba8df098d1b395846f7cba08
-
SHA256
51541ec6684b43157a85ea46a42ebed4555be06bed0d0d07ff3ea6377301318d
-
SHA512
de9a7a1a6a45e2f76105eaeafcc3c29adbff142dcf2586e147417045b897a9dcddec5e1b97acfc5d3fc9c8e3a508dbc3f607bf3df20a7435e74436f94cb056b6
-
SSDEEP
192:zt/PGnWlC0i5C9WphWAeD1S8f4DBQABJJ2yy2D8KN3qnajV2MVorr:VunWm5C9WphWbD1IDBRJJkt2lxnorr
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/api-ms-win-crt-heap-l1-1-0.dll
-
Size
12KB
-
MD5
98da186fd7d7873c164a51c5d7b77f1a
-
SHA1
725a8b8fdfbe6a1e85674f4b2a7c0dd08411e00b
-
SHA256
80139e4caa379d87b1d1dafc23ace71d2b330368115f6314140d4ae59c2a78e8
-
SHA512
587b49a24cc59d4dcb62b59f379d1c9010196a6551cfc99ffdd931eeb0172618f020863191e530d65ad198e57063c57ba6f70bcf80591304243268ea5513f806
-
SSDEEP
192:DaY17aFBRQWphWp+QD1S8f4DBQABJtAa46ArNc4qnajr7PQW:7VWphWFD1IDBRJtAa54lrPQW
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/api-ms-win-crt-locale-l1-1-0.dll
-
Size
11KB
-
MD5
ff48b107b2449a647c64baabd49408a1
-
SHA1
efb868ba125d9ff08474f02b9483d74c36a13cee
-
SHA256
7bb8644e565ad4bcfd890f9044bccb4d99953a740e9a500b1f820b2fdc3fc240
-
SHA512
4da2e4b727e7f31f8bffd680453c451b444bdf217c15cb36e353f8bb5ecb6c6481caa7d848558c7d94cfc2d1bc3551ace11e85ffc8ec7a7b570a59c294ea0216
-
SSDEEP
192:JWphWzDD1S8f4DBQABJtySO5M8xOSqnaj3yAY9:JWphWHD1IDBRJtyICTluAY9
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/api-ms-win-crt-math-l1-1-0.dll
-
Size
20KB
-
MD5
e10e077bb06209aedd0d0d378c758f73
-
SHA1
97a9053a311280678f8ef65dc4e25975c41bd4ee
-
SHA256
8a7bff1c918539a75c25568db25933d653c003e016fd7791a37186b42bbb7c20
-
SHA512
571c1fc4192320bd967b603e6cda917a62f4720eb4dcd557ec2913d2558c0cfe68f936198f5809934aaa3a1d6049e8e918eb0e638a7244df5c71ef0c78843191
-
SSDEEP
384:rJI2M4Oe59Ckb1hgmLZWphW1D1IDBRJJo95DKlxT1xpN:ri2Mq59Bb1jEkI1PU5Dmv
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/api-ms-win-crt-runtime-l1-1-0.dll
-
Size
16KB
-
MD5
f91e1ff896b5616919ac97c7095c513e
-
SHA1
4ec6eed0bac5a8801db10238c7b3a5d35a87be67
-
SHA256
07382c0d91dad2bb6ba8bd06ea02f12c57abf7c4e5a70672e9f2954d09a4ffd4
-
SHA512
6448d6cdfde11e1805b6d381111ea062f681807c9dc54ae890305f287b13b6fb57ef3f4d3b909e56b81c99830c086b5702b46ba0f93e695fce2b87b32fa4b26a
-
SSDEEP
192:uaajPrpJhhf4AN5/KipWphWAzD1S8f4DBQABJJLQ67T0q11qnajVtPx5g:ulbr7fWphWiD1IDBRJJL7Tplxb5g
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/api-ms-win-crt-stdio-l1-1-0.dll
-
Size
17KB
-
MD5
429c26ed27a026442f89c95ff16ce8c2
-
SHA1
69ed09faae00a980c296546c9b5e6a8d5f978439
-
SHA256
2a466648affd3d51b944f563bb65046a3da91006a0d90fb2c0b123487a1fc1b3
-
SHA512
04641164d9e1eb3183db0c406583626011dfe2b2574551c0ac466ebf44165afcd7d8faf356b8268b4fc9a54db20de010a4e4293594ad2e605950aea65636f4e5
-
SSDEEP
192:BpPLNPjFuWYFxEpah7WphWRD1S8f4DBQABJ+SiLuEbNEdiqnajVCpEbOg4:B19OFVh7WphWRD1IDBRJ5iLbnlxkEf
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/api-ms-win-crt-string-l1-1-0.dll
-
Size
18KB
-
MD5
0f593e50be4715aa8e1f6eb39434edd5
-
SHA1
1117709f577278717c34365ce879bcd7c956069b
-
SHA256
bf4ea10be1b64c442ac0ccf4bdf69f6703467176a27e9e14a488d26448a6e179
-
SHA512
487dcbf7b7f18d62606cb2f05c8feff07e6ecda42e643f5919c6edda66cdb3b8cc393b0d260374f06c10cf54082410fc9f02bd87cc50866bc0c28b0bcec3e658
-
SSDEEP
384:fFvU4x0C5yguNvZ5VQgx3SbwA7yMVIkFGl3WphW+D1IDBRJ5YBMOnlxkEx:p5yguNvZ5VQgx3SbwA71IkFxVI1PKJ
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/bin/Monaco/index.html
-
Size
164KB
-
MD5
001dcbb8f41cdcbf9b4d1e3a0ed4b2d2
-
SHA1
982a05814546017c40771e59e7677b53d84787e9
-
SHA256
f1d2c52f2803c29585b81d2eff74c56242d27e9619ee6d38081d5604c5bb1951
-
SHA512
9a4eba2a9314b6f5851997e1db0ecfae8e40da3443d8a5f9df933ccf6a4d75fc330888c8d14818326e15b3dec9ae2f5f7e73cd08c3822dd7eb0b2d753c8cd8fa
-
SSDEEP
3072:Nk4J09UmmJv8kBpZaFD48VOAGUWYPjDZlLJbRBiPEP8yKUz2Ojmjr8zM3KP7pblM:64J09BA3pZaFD48VOAGUWYPjdlLJbRBS
Score6/10-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Xeno-v1.1.35-x64/bin/Monaco/vs/base/worker/workerMain.js
-
Size
133KB
-
MD5
d0ac5294c58e523cddf25bc6d785fa48
-
SHA1
1b3661b6db36f1b14fd80dc9a739bfc69c68dfe5
-
SHA256
e90d1a8f116fa74431117a3ad78dde16dde060a4bf7528dfe3d5a3ad6156504b
-
SHA512
fea07a1ea5d29a3b4c614248655f4d1ddd94c10c6a6b5c8b428a8b4c0cbec7e7492fa0665c5001e65ce167240ffdfc5ac2c2ed14da3d6f508ae8d8b3c8e8eebb
-
SSDEEP
3072:bzjH/zYJc5c/7tMLrJ78II4F9N8+em5W+:XjH/zYJc5c/76LrJ78I7BL
Score3/10 -
-
-
Target
Xeno-v1.1.35-x64/bin/Monaco/vs/basic-languages/lua/lua.js
-
Size
4KB
-
MD5
eebda1fdd970433750c115eae2f03865
-
SHA1
3f1a1cddb99dead013eac825eb418241656d4bf0
-
SHA256
ac729efb3164f48d6b08f74d4b15060c126a30d40fb4cd4fc9cc94f2e19bd7c7
-
SHA512
8b188f3ae73a14a9318dce9761312d9dd2360ab00ee36e83ca6b74288a109c91770954db7537fd84a76707a1e79528fffc97f3a718bcd924545b469a1363c9cb
-
SSDEEP
96:HDGAW6FJJJkCO8evcIWtdrvrg+1/sLMiWAOKjLobLMzD:BWCDqC20IWtZD92pzOKvomD
Score3/10 -
-
-
Target
Xeno-v1.1.35-x64/bin/Monaco/vs/editor/editor.main.js
-
Size
2.1MB
-
MD5
c7429ac3aeb92f9d04bd77b803c5f61f
-
SHA1
22172d93ad3237354834c62da07e94a39dc37aeb
-
SHA256
8dff7775c463d6d318385e782f19f1d815909a2e9b61e2ba0e865e6d0e1f3d8b
-
SHA512
0133b757f087a5ddad173e911a6ea7d21b5edd86555b8900fea321a8ea180b2a911134ce3a654b72859250329b2161ffd9252397f40b5a646700c899cfcd04f0
-
SSDEEP
49152:Yxk98k6aE7MvROf0IDtk36gku4y/29PP5jSlrEp:9u
Score3/10 -
-
-
Target
Xeno-v1.1.35-x64/libssl-3-x64.dll
-
Size
1.3MB
-
MD5
d66acb55a9f095a24865c9d883f96fd1
-
SHA1
cc8cb0a1d460fc0ef5a941bc5cd45e29ca7ef527
-
SHA256
7ae563b23164ec5994dbc24bce536b33df80c40de5ca97d64fe84a5dac34788e
-
SHA512
35c04c6f5f66d4585bba8fe48f2b470af7d6e366e9b9cb3ce0712818c5b1504c9e492a4d148164adf28793cc55b2ac58d3df28fb00f94033ddcb6e18ecce0227
-
SSDEEP
12288:9jq84j6NgABFeE4KFq/aXn0ENEoPxV6yatOUH3eKyG8xqU+TMruSoE7y:9m8hCuTrYKpYOK7phTMruSoE7y
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/msvcp140.dll
-
Size
439KB
-
MD5
4d157073a891d0832b9b05fb8aca73a8
-
SHA1
551efcdd93ecafc6b54ebb6f8f38c505d42d61ca
-
SHA256
718812adb0d669eea9606432202371e358c7de6cdeafeddad222c36ae0d3f263
-
SHA512
141563450e4cdf44315270360414f339fc3c96ebdaa46e28a1f673237c30f5e94e6da271db67547499c14dc3bd10e39767c3b6a2a3c9cec0a64a11f0263e0c5d
-
SSDEEP
12288:6rK6LQK2R9Y9huTJzNa/LNE4Qclv5wDAb0qhUgiW6QR7t5s03Ooc8dHkC2esjaoq:ANZ2R9Y9huTJzNcNE4Qclv5wDA0p03O4
Score3/10 -
-
-
Target
Xeno-v1.1.35-x64/runtimes/win-arm64/native/WebView2Loader.dll
-
Size
136KB
-
MD5
8f2648cd543236ef1b4856715731e069
-
SHA1
c269e906556c160201fe229b9f6f3dde26888ac4
-
SHA256
77152af4472dc7741901ba69ce3a670992546eb2f5eda3db7fee135ee0037de0
-
SHA512
26bd06330e690dc73534ec2c54cd75149c0e96cbcfb34b9012532223db51d98b37b8b5c507d8d1a9b3829ea49493981d79cc1e5aaaa5b0d4b796a72f4420f2cc
-
SSDEEP
3072:VgpD1l8o58rpoJbMPN6OSBTj0zEtJW6hGo3:aphl8omrhlzEtJNhn
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/runtimes/win-x64/native/WebView2Loader.dll
-
Size
161KB
-
MD5
c5f0c46e91f354c58ecec864614157d7
-
SHA1
cb6f85c0b716b4fc3810deb3eb9053beb07e803c
-
SHA256
465a7ddfb3a0da4c3965daf2ad6ac7548513f42329b58aebc337311c10ea0a6f
-
SHA512
287756078aa08130907bd8601b957e9e006cef9f5c6765df25cfaa64ddd0fff7d92ffa11f10a00a4028687f3220efda8c64008dbcf205bedae5da296e3896e91
-
SSDEEP
3072:7evoTTlTRTyiuPThTNTKm81SbbMYSPLNsknZiZ2HZ5AaliiT88FEtJ57dXSvlCW:HTlTRTyiuPThTNTKmFQdhsknZiMHfEti
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/runtimes/win-x86/native/WebView2Loader.dll
-
Size
113KB
-
MD5
9d7744e15bb8e3d005079b18979c8544
-
SHA1
7b326c96e5f3f6baaf6e9390b119a4ffb3df2c64
-
SHA256
cc2f661aac9c05646933f717e629a69be93d8d06803066289d6dc1105aac6cd2
-
SHA512
732fd17714ec5ef0afd8f17d06adc895e93bea4585b6b1dabcf95c3fbe808e7b31a19c13cccfac0b30cd425cf96926749a0373a861f55fa8db442430803f4a25
-
SSDEEP
3072:rJ7FfqJR70vRq2KVsCKKa/gqeNZ/TvxEtJlAlp8Ugr4fm9IxK:r7fqJRQY0RKD5EtJeTMr2mV
Score3/10 -
-
-
Target
Xeno-v1.1.35-x64/scripts/UNCCheckEnv.lua
-
Size
28KB
-
MD5
b76726d10354343d9af5c268e40b47c4
-
SHA1
7103c78071be0c65c8b3a217168cf7909aef748e
-
SHA256
e8d53406c916b8e827c65c8f00d8a18b1379e693fd0379e8116e749bdf860cf5
-
SHA512
5caffd8a06058e890fe4ae35430539281cf53fa791221189f0f6660778a83fa42cc3e5374ce06ff325420d92006c2bfe1003f1486714e889964075da66b046eb
-
SSDEEP
768:JopEYRzOKMrGrE7BWf9r+T+f9TkIuP4hUUsbU8FqQFBF5UXzRFEe3cSG5Sg/i5rx:JEKcZuy9p
Score3/10 -
-
-
Target
Xeno-v1.1.35-x64/vcruntime140.dll
-
Size
117KB
-
MD5
943fc74c2e39fe803d828ccfa7e62409
-
SHA1
4e55d591111316027ae4402dfdfcf8815d541727
-
SHA256
da72e6677bd1bcd01c453c1998aaa19aeaf6659f4774cf6848409da8232a95b2
-
SHA512
96e9f32e89aee6faea6e5a3edc411f467f13b35ee42dd6f071723daeba57f611dbd4ff2735be26bb94223b5ec4ee1dffedf8dc744b936c32a27d17b471e37dcf
-
SSDEEP
1536:R9TXF5YXWbj8qr51XlN+dULTCe1IGhKWyxLiyaXYaWEoecbdhUoTtHez9FazR:REnsvReGsWyxLizXFCecbd1Tt+i1
Score1/10 -
-
-
Target
Xeno-v1.1.35-x64/vcruntime140_1.dll
-
Size
48KB
-
MD5
05052be2c36166ff9646d7d00bb7413f
-
SHA1
d8d7c4b322d76e3a7b591024c62f15934979fe40
-
SHA256
26e470b29bed3d873e0c328186e53f95e9edbfe0b0fd0cda44743a0b1a04a828
-
SHA512
0460cc66d06df9a2941607473f3eccfd909f2adab53a3328fadcedd1b194b388eca738c2c6c2e193de33606925fbed1fe39efa160015128e93f5e3a03c62170d
-
SSDEEP
768:qzzO6ujT3MbR3v0Cz6SKLq83yN+iRxw9zv6JmEpw9zF:3q/o1j3c+iIzv6JmEp4zF
Score1/10 -
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution
2Component Object Model Hijacking
1Image File Execution Options Injection
1Privilege Escalation
Event Triggered Execution
2Component Object Model Hijacking
1Image File Execution Options Injection
1