xenorat | 8d8e2512c933655992aae67eb76c97d5faafa9b2f99baf4e6916a4b398288f8d | Triage

Resubmissions

29-08-2024 08:01

240829-jwkskssgnp 10

Sharing

General

Target

xs.exe
Size

45KB
Sample

240829-jwkskssgnp
MD5

104a64376edf7d06e889e2fcc8e6e62b
SHA1

7b7deb77061f44e6a0bb00f689361dc50e0c6ffe
SHA256

8d8e2512c933655992aae67eb76c97d5faafa9b2f99baf4e6916a4b398288f8d
SHA512

af9bac66d17df421ade13ab4b9c3fcde5654c35cfb57e7ff85aa5288496077a678437c60fb225c85f39aa7aed2dab9a4523996640c37559243c37b355be5b9a2
SSDEEP

768:tdhO/poiiUcjlJInlzH9Xqk5nWEZ5SbTDafWI7CPW5V:jw+jjgndH9XqcnW85SbTeWId

Score

10^/10

xenorat discovery rat trojan

Malware Config

Extracted

Family

xenorat

C2

lyrics-contest.gl.at.ply.gg

Mutex

Xeno_rat_nd8912d

Attributes

delay
5000
install_path
nothingset
port
47112
startup_name
nothingset

Targets

- Target
  
  xs.exe
- Size
  
  45KB
- MD5
  
  104a64376edf7d06e889e2fcc8e6e62b
- SHA1
  
  7b7deb77061f44e6a0bb00f689361dc50e0c6ffe
- SHA256
  
  8d8e2512c933655992aae67eb76c97d5faafa9b2f99baf4e6916a4b398288f8d
- SHA512
  
  af9bac66d17df421ade13ab4b9c3fcde5654c35cfb57e7ff85aa5288496077a678437c60fb225c85f39aa7aed2dab9a4523996640c37559243c37b355be5b9a2
- SSDEEP
  
  768:tdhO/poiiUcjlJInlzH9Xqk5nWEZ5SbTDafWI7CPW5V:jw+jjgndH9XqcnW85SbTeWId
Score

10^/10

xenorat discovery rat trojan
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

behavioral2

xenoratdiscoveryrattrojan