Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1.bin
-
Size
45KB
-
Sample
240718-g4q88axdrm
-
MD5
031ef44f772d9b20762d5b7d8c6ce141
-
SHA1
370ca1a7c78171b55daef91cf827df72bcc3e741
-
SHA256
631713b09731f14b5397059d6358bb580525fbef98bfd2f16321b12677e14ce5
-
SHA512
bd224cf4afef381350d096137e60ed31a83b70d3e2320a4896f38aa0e69117c9ab0d8b594214911ace1aaa8a7ec28f2da44aa17e71ec7ad31efa8794512120a6
-
SSDEEP
768:qdhO/poiiUcjlJIn5wzH9Xqk5nWEZ5SbTDaMWI7CPW5N:Mw+jjgn5yH9XqcnW85SbT9WIl
Malware Config
Extracted
xenorat
176.113.115.177
RGHEHTJ4GEJHTJSHJAJHAJHA
-
install_path
nothingset
-
port
4404
-
startup_name
nothingset
Targets
-
-
Target
1.bin
-
Size
45KB
-
MD5
031ef44f772d9b20762d5b7d8c6ce141
-
SHA1
370ca1a7c78171b55daef91cf827df72bcc3e741
-
SHA256
631713b09731f14b5397059d6358bb580525fbef98bfd2f16321b12677e14ce5
-
SHA512
bd224cf4afef381350d096137e60ed31a83b70d3e2320a4896f38aa0e69117c9ab0d8b594214911ace1aaa8a7ec28f2da44aa17e71ec7ad31efa8794512120a6
-
SSDEEP
768:qdhO/poiiUcjlJIn5wzH9Xqk5nWEZ5SbTDaMWI7CPW5N:Mw+jjgn5yH9XqcnW85SbT9WIl
Score10/10-
XenorRat
XenorRat is a remote access trojan written in C#.
-