xenorat | bd96ab832522b95bc01637c0aa4d2a03cb9a36c1ace05ce6c0962586d3fd645f | Triage

Sharing

General

Target

Terminal.exe
Size

265KB
Sample

240906-y5bzcswfne
MD5

4ef7fab8f31fea78f9339ff1b61ff955
SHA1

feab88e721e59e6685d80fbbb62880679f16973c
SHA256

bd96ab832522b95bc01637c0aa4d2a03cb9a36c1ace05ce6c0962586d3fd645f
SHA512

1165dc71eab587b19c9a6b3d10c5ac513a9befd45d10719c482364f02dcd990aaf583080900fd1bd961de98b8088a4d0a4aa733f9a26af121bd8caeae262b693
SSDEEP

3072:1qN4fDJNpygmDiAk5vTol3pJVwEUQ7HlPIXAJ/scSTVJJZMoondbrlp52:TfDJrygmGN6nNzlPIGUcSBJvM3dbxp

Score

10^/10

xenorat discovery rat trojan

Malware Config

Targets

- Target
  
  Terminal.exe
- Size
  
  265KB
- MD5
  
  4ef7fab8f31fea78f9339ff1b61ff955
- SHA1
  
  feab88e721e59e6685d80fbbb62880679f16973c
- SHA256
  
  bd96ab832522b95bc01637c0aa4d2a03cb9a36c1ace05ce6c0962586d3fd645f
- SHA512
  
  1165dc71eab587b19c9a6b3d10c5ac513a9befd45d10719c482364f02dcd990aaf583080900fd1bd961de98b8088a4d0a4aa733f9a26af121bd8caeae262b693
- SSDEEP
  
  3072:1qN4fDJNpygmDiAk5vTol3pJVwEUQ7HlPIXAJ/scSTVJJZMoondbrlp52:TfDJrygmGN6nNzlPIGUcSBJvM3dbxp
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

behavioral2

xenoratdiscoveryrattrojan