Resubmissions

  • 02/04/2025, 22:36 UTC: 250402-2h95esxpz5 3
  • 30/03/2025, 19:46 UTC: 250330-yg7q5avzew 6
  • 29/03/2025, 19:55 UTC: 250329-ynl31axwgv 6
  • 29/03/2025, 19:55 UTC: 250329-ym9gxaxvf1 6
  • 29/03/2025, 18:18 UTC: 250329-wxy3taznv5 6
  • 29/03/2025, 10:24 UTC: 250329-mfdwwa1xay 7
  • 29/03/2025, 00:19 UTC: 250329-amltvawpx2 6
  • 28/03/2025, 22:33 UTC: 250328-2gj7lssxgv 6

Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/03/2025, 18:18 UTC

General

  • Target

    Xeno-v1.1.65/XenoUI.deps.json

  • Size

    2KB

  • MD5

    f264dff8b12b6341b6bb97f9cea46324

  • SHA1

    f8f19c048eacb31fb11b88d2a14b02cb3b7dbd74

  • SHA256

    16b09c4fa7b6b3b75ded9a5ea854ad0b1b88288969376c94de1546cd02a82905

  • SHA512

    4c69f803f0c48cff3da3b862dcad62b5c29af197f83d52cbf176c91e16752f883aea5ccb264aec66c2af179e038b5cf98439561ce08ffd31fc8b385486c67b93

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe (level 1)
    cmd /c C:\Users\Admin\AppData\Local\Temp\Xeno-v1.1.65\XenoUI.deps.json
    PID:2268
    • Suspicious use of WriteProcessMemory
    • C:\Windows\system32\rundll32.exe (level 2)
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Xeno-v1.1.65\XenoUI.deps.json
      PID:308
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (level 3)
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Xeno-v1.1.65\XenoUI.deps.json"
        PID:2736
        • System Location Discovery: System Language Discovery
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1bc7b10ee6063ab024bc09d6672d0cdd

    SHA1

    4cc24b51fc0cc0703071facfb8fed287e46af82d

    SHA256

    53e7803c6102b1d8d1f5fce7cee538b42e26a72f114197e8dc6b3075095bbf1d

    SHA512

    b10cfb9846587ced15a6318602322fe782eaa9ed686e9460e65a2c762a1392cc1f843d5488ef6d94c122850088c2e441046bbcf84b60b54b2bc1fea0f464cb13
