xenorat | eaf3578e783ed7b5684bc0e94fefae33a4015468fa79255680c8b08c123bbbdb | Triage

Sharing

General

Target

Dezide.exe
Size

50KB
Sample

240704-vm6jgazdrr
MD5

5879594366ea1b0bbb44203e885fa1d7
SHA1

801db94b0f49efe1edf6d6e24f665bcec5b4bee8
SHA256

eaf3578e783ed7b5684bc0e94fefae33a4015468fa79255680c8b08c123bbbdb
SHA512

b5273f01cf1e46f99d06f51b3811b9be7ac4b038773fe898d178cdf4e1f92fec00ecaa9edaf00811c6dcf862d5d0ebabe5a46b4b17827d9b1efd035416b40a9f
SSDEEP

768:EdhO/poiiUcjlJInQ3H9Xqk5nWEZ5SbTDaTuI7CPW5SKBzZi/z:ew+jjgn2H9XqcnW85SbTuuIxuL

Score

10^/10

xenorat rat trojan

Malware Config

Extracted

Family

xenorat

Mutex

Dezide.CC

Attributes

delay
5000
install_path
nothingset
port
4444
startup_name
nothingset

Targets

- Target
  
  Dezide.exe
- Size
  
  50KB
- MD5
  
  5879594366ea1b0bbb44203e885fa1d7
- SHA1
  
  801db94b0f49efe1edf6d6e24f665bcec5b4bee8
- SHA256
  
  eaf3578e783ed7b5684bc0e94fefae33a4015468fa79255680c8b08c123bbbdb
- SHA512
  
  b5273f01cf1e46f99d06f51b3811b9be7ac4b038773fe898d178cdf4e1f92fec00ecaa9edaf00811c6dcf862d5d0ebabe5a46b4b17827d9b1efd035416b40a9f
- SSDEEP
  
  768:EdhO/poiiUcjlJInQ3H9Xqk5nWEZ5SbTDaTuI7CPW5SKBzZi/z:ew+jjgn2H9XqcnW85SbTuuIxuL
Score

10^/10

xenorat rat trojan
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xenoratrattrojan

behavioral2

xenoratrattrojan