General
-
Target
https://mega.nz/file/VgN0XBqD#Zdh_Vj1cwhWB3ISgDwX-CG3HdoHth4YxEWexbcIRtlk
-
Sample
240822-efakfs1arj
Score
10/10
Malware Config
Extracted
Family
xenorat
C2
147.185.221.19
Mutex
5aafKEYsYk
Attributes
-
delay
5000
-
install_path
temp
-
port
4748
-
startup_name
JavaW
Targets
-
-
Target
https://mega.nz/file/VgN0XBqD#Zdh_Vj1cwhWB3ISgDwX-CG3HdoHth4YxEWexbcIRtlk
Score10/10-
XenorRat
XenorRat is a remote access trojan written in C#.
-
Executes dropped EXE
-