xenorat | 325bb6951b6c7562f1b4a64f59497a8b8d365c20b4fb417f8962c4e8dd23cfde | Triage

Sharing

General

Target

4ef7fab8f31fea78f9339ff1b61ff955.bin
Size

188KB
Sample

240908-bl2z4sycng
MD5

925ba15d9d4eb0c0519f1e9da1f1897e
SHA1

b4b9bdf7a2af56f2eaebbaf7ac13a1c407e12b2f
SHA256

325bb6951b6c7562f1b4a64f59497a8b8d365c20b4fb417f8962c4e8dd23cfde
SHA512

73fe4e59fd844db4c8abc0598c3204fcb0809b853c50797e593019efdb09132c196053616d212fda093fa8846b9b2e41c24f96e3031f82e823f8aeffa9c24fe4
SSDEEP

3072:ZPz4r4hNQHWtx+OsLtBndw5ktYblFUuENbx8G6uX/f9hpptcG+AMPFRw:Z8DHtLvdw5kt+Kdx3X9w+gvw

Score

10^/10

xenorat discovery rat trojan

Malware Config

Targets

- Target
  
  bd96ab832522b95bc01637c0aa4d2a03cb9a36c1ace05ce6c0962586d3fd645f.exe
- Size
  
  265KB
- MD5
  
  4ef7fab8f31fea78f9339ff1b61ff955
- SHA1
  
  feab88e721e59e6685d80fbbb62880679f16973c
- SHA256
  
  bd96ab832522b95bc01637c0aa4d2a03cb9a36c1ace05ce6c0962586d3fd645f
- SHA512
  
  1165dc71eab587b19c9a6b3d10c5ac513a9befd45d10719c482364f02dcd990aaf583080900fd1bd961de98b8088a4d0a4aa733f9a26af121bd8caeae262b693
- SSDEEP
  
  3072:1qN4fDJNpygmDiAk5vTol3pJVwEUQ7HlPIXAJ/scSTVJJZMoondbrlp52:TfDJrygmGN6nNzlPIGUcSBJvM3dbxp
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

behavioral2

xenoratdiscoveryrattrojan