General

  • Target

    𝙫1.1.5-𝙓3𝙉𝙊-𝙍3𝙇𝙀𝘼𝙎𝙀-𝘼𝙋𝙋.zip

  • Size

    43.7MB

  • Sample

    250309-qwlhfa11fw

  • MD5

    044ad151536eb096659bf26a0ccec401

  • SHA1

    2b4949cc9581506fc105bb6189b56cec228eda30

  • SHA256

    7b36b75259a58e8150ca819ca5e8c6bee03e189f732a90deddd0dc194f97232c

  • SHA512

    36cd275c9c6fc5f42496e96498b0bbb2a7dfc9aa97973ee2bac8304f0131d28afede914270abfd0aa97cebd04b9084acb7e76e36174e1cd035ec59503b93af03

  • SSDEEP

    786432:I4tDaSuPrjDQBJB7Y5YgecxnLxKKEC/93df5HyTtbRmyyESOy1gEx4ChjpQR:fDa5PrvQblY5zecJLxKsF3dfo9yH1rxc

Malware Config

Targets

    • Target

      Release/Xeno.exe

    • Size

      250.0MB

    • MD5

      7c55d5d57b1ebe0b18ecee8e1ae04a7e

    • SHA1

      73b6d784f75948492509a6c5c035ba1db4e019ad

    • SHA256

      e3468f7e04145fe3ac32c1ee74772cb5132a1d9a022f6a232530bbedc688b1b9

    • SHA512

      28e074bf3ac9bb4407d80ac9f1bc00ad1a3f90b5d6e8ac932e0f148959afbddce9cef804c9a679ef407babe315ce97ac68c66379347bab7b89ce6a058b5a6c0e

    • SSDEEP

      24576:kXOI1c6VPKAGgUSuTQNrNdiUhVZqYeLfGZS0ugeigtn6RSDL2sdPvn6Mda:GP7PKguTkjiSqLfGZS0pJiL2IJA

    • Score

      10/10

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks