General

  • Target

    c1f70fb2c07ec6e8a69d1bfc4998703481adf5301b44af75b125f11776da77f8.exe

  • Size

    127KB

  • MD5

    e56cee3aba6280693ac9bcd2c4f184ec

  • SHA1

    e2ec215868b0a2528e5ee25eb89f9661527e2f78

  • SHA256

    c1f70fb2c07ec6e8a69d1bfc4998703481adf5301b44af75b125f11776da77f8

  • SHA512

    466732320ee94693bc8327826b1021e414c8b03c35c0a0302c5f98404b2886b1274a327804e8449f298454e76e6e69693746a77f767f6145a96430f4a15e4929

  • SSDEEP

    3072:TQiLrCFq0btnCrCFaQImMqU/unn8fVcgz7Gp1q1vg:5OrFZaqU/uwcgvGn6

Score
10/10

Malware Config

Signatures

  • Detect XenoRat Payload 1 IoCs
  • Xenorat family
  • .NET Reactor protector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • c1f70fb2c07ec6e8a69d1bfc4998703481adf5301b44af75b125f11776da77f8.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

