Resubmissions

30/03/2025, 19:46

250330-yg7q5avzew 6

29/03/2025, 19:55

250329-ynl31axwgv 6

29/03/2025, 19:55

250329-ym9gxaxvf1 6

29/03/2025, 18:18

250329-wxy3taznv5 6

29/03/2025, 10:24

250329-mfdwwa1xay 7

29/03/2025, 00:19

250329-amltvawpx2 6

28/03/2025, 22:33

250328-2gj7lssxgv 6

Analysis

  • max time kernel
    841s
  • max time network
    842s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    28/03/2025, 22:33

General

  • Target

    Xeno-v1.1.65/XenoUI.exe

  • Size

    93KB

  • MD5

    70f81947b43381d2a04236e18d96cc97

  • SHA1

    9c704e6fc55ba25534cab8c46fcd00768067b27b

  • SHA256

    ebbd0f6752ea2c36612da63bf7b939bf856ecbae4d9b78800fd7cb0a068b32d6

  • SHA512

    b70390942b43c28949a9e88f163ad2f7552d45b4543bb7f52a305723f09bdfbf81d8cfa6315cb3d4063ffe02113f091c54be071d3b5c59b31e4ba58ac6a979d9

  • SSDEEP

    1536:tGrL4ZZUZ4fzT8xxc3j8NWhouM/APHV5y6SlSO8mh:4rkZKWzT8xxHe7Pby6Simh

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Xeno-v1.1.65\XenoUI.exe
    "C:\Users\Admin\AppData\Local\Temp\Xeno-v1.1.65\XenoUI.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2792
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2792 -s 508
      2⤵
        PID:2912

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/2792-0-0x000007FEF5CC3000-0x000007FEF5CC4000-memory.dmp

      Filesize

      4KB

    • memory/2792-1-0x000000013F5E0000-0x000000013F5FA000-memory.dmp

      Filesize

      104KB