General
Target: e.exe
Size: 45KB
Sample: 250311-bykllawjy3
MD5: 19bca2b4f66c1e8f9dc803c1fa03a44a
SHA1: 69dca44b135141a5712952fdaaedc368e69ac3fe
SHA256: 8dce881d5b28588a58d2ce1555ff11729e3ec9519b35639c53df18de9df805c5
SHA512: df118de9b8891fb3cd75d2e9aa5defa0dab2f6f55e6c03e21719d6d73d23676bbdd76655d3da1bb438a51803206ee90a8e7c12a25ab0827c537cd4fc79d1c36c
SSDEEP: 768:RdhO/poiiUcjlJIn90H9Xqk5nWEZ5SbTDaBIuI7CPW5Z:Pw+jjgnGH9XqcnW85SbT4IuIx
Behavioral task
behavioral1
Sample: e.exe
Resource: win11-20250217-en
Malware Config
Extracted
xenorat
127.0.0.1
Vector-fixer
delay: 5000
install_path: appdata
port: 4444
startup_name: 1234.exe
Targets
Target: e.exe
Detect XenoRat Payload
Xenorat family
Executes dropped EXE
Loads dropped DLL