General
-
Target
bomb.exe
-
Size
46KB
-
Sample
250604-xt2vzatyez
-
MD5
427d43efc21fbb725ca5e1a57380a6ef
-
SHA1
63d091f2e8f2270d88b8eb46084d213d16d6cbb5
-
SHA256
76ce289ac221d440ce01f8c83c192d94e103e1231cc31f7bb9c7beefc3ebb225
-
SHA512
30836810a296e89a1b3208b500ea153ccf90fd19f4d8d0f14372d196d3b420c55081c760ba9ca0ae61fbc345ec86420a453ac0571d1488db98c033d042be485e
-
SSDEEP
768:YdhO/poiiUcjlJInKWH9Xqk5nWEZ5SbTDaGWI7CPW5v:Kw+jjgnVH9XqcnW85SbTPWIX
Behavioral task
behavioral1
Sample
bomb.exe
Resource
win10v2004-20250502-en
Malware Config
Extracted
xenorat
127.0.0.1
Xeno
-
delay
5000
-
install_path
nothingset
-
port
4444
-
startup_name
nothingset
Targets
-
-
Target
bomb.exe
-
Size
46KB
-
Detect XenoRat Payload
-
Xenorat family
-