General
-
Target
eee.exe
-
Size
45KB
-
Sample
250311-b2evhswxd1
-
MD5
539af28c36efbf259e78287e220b0842
-
SHA1
5979dea1f9533149da997c284ef5f39326dedc1a
-
SHA256
0778090c44bb09a80adbe6592c1c5b2f6732010293b163449f3a5a1d02ea684a
-
SHA512
a808636b6ba1e5d8c18e7c3441f556c7f0dcebc3171bacd538575b70cea6881dcc0f4360c30058eafc70e309d0003ffef28a13ff4a533fd8dc48e2b36d41f40b
-
SSDEEP
768:5dhO/poiiUcjlJInnbqmH9Xqk5nWEZ5SbTDaRIWI7CPW5R:3w+jjgnLH9XqcnW85SbTcIWI5
Malware Config
Extracted
xenorat
172.22.94.46
Vector-fixer
-
delay
5000
-
install_path
appdata
-
port
4444
-
startup_name
1234.exe
Targets
-
-
Target
eee.exe
-
Detect XenoRat Payload
-
Xenorat family
-
Executes dropped EXE
-