Analysis

  • max time kernel
    436s
  • max time network
    438s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64, arch:x86, image:win11-20250217-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    13/03/2025, 01:50

General

  • Target

    Xeno-v1.1.55/scripts/Dex.lua

  • Size

    91B

  • MD5

    c4ffc39f489bbe800f3b38616573c2e9

  • SHA1

    8c73e21ca2106fd0b6feb1a110367604a5f730d6

  • SHA256

    3c5799c897b2de6e7077f3d3f533aec772be23b028e8a1d9de2545764fe2cbba

  • SHA512

    db6005af63e0cef25e9f9bb3bdee14959f3069a0e28ee6a82536bd5a2cbb3def4f28d450d85dd94fe54a08d9b97e82b4379d9febd5e87b3017f4d556d862d623

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Xeno-v1.1.55\scripts\Dex.lua
    • Modifies registry class
    PID:2788
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1984

Network

MITRE ATT&CK Enterprise v15
