xenorat | 43deac03fa50ed30cb74e3882573d90df257539d21e92f142f9d82d41f397513 | Triage

Submit
Reports

Overview

overview

Static

static

2.exe

windows10-2004-x64

Sharing

General

Target

2.exe
Size

282KB
Sample

241010-r97s9s1eja
MD5

2a73d33b40a0b8f18d6a814c6299fd01
SHA1

05c6a7254a485745467b6488321b887ef4c44b81
SHA256

43deac03fa50ed30cb74e3882573d90df257539d21e92f142f9d82d41f397513
SHA512

366771ed993254d883bd5ca43cf0c145f53bff2b8db6b6f49270a03761473a1a43dfe35461b301b1e4313c40a99cae4a55fdd6d607777a9e12c0bc5dfa857c20
SSDEEP

1536:nw+jjgn6H9XqcnW85SbTEuIO7tMuBtzGulxuJVZ2eY7WHpqiH:nw+jq091UbTESt7leZ2eWNo

Score

10^/10

xenorat discovery rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2.exe

Resource

win10v2004-20241007-en

xenorat discovery rat trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

xenorat

C2

192.168.244.1

Mutex

Blue.cc Temp Woofer

Attributes

delay
10
install_path
nothingset
port
4444
startup_name
nothingset

Targets

- Target
  
  2.exe
- Size
  
  282KB
- MD5
  
  2a73d33b40a0b8f18d6a814c6299fd01
- SHA1
  
  05c6a7254a485745467b6488321b887ef4c44b81
- SHA256
  
  43deac03fa50ed30cb74e3882573d90df257539d21e92f142f9d82d41f397513
- SHA512
  
  366771ed993254d883bd5ca43cf0c145f53bff2b8db6b6f49270a03761473a1a43dfe35461b301b1e4313c40a99cae4a55fdd6d607777a9e12c0bc5dfa857c20
- SSDEEP
  
  1536:nw+jjgn6H9XqcnW85SbTEuIO7tMuBtzGulxuJVZ2eY7WHpqiH:nw+jq091UbTESt7leZ2eWNo
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

© 2018-2024

Terms | Privacy