xenorat | dd1d0772b969998d05d329411a3dec9ec52b344df956749dc9998f48107487d0 | Triage

Submit
Reports

Overview

overview

Static

static

3

Dropper_protected.exe

windows11-21h2-x64

Sharing

General

Target

Dropper_protected.exe
Size

5.7MB
Sample

241101-xkzdgstfrb
MD5

95f9265e284dbccd509025fdc368cadd
SHA1

a63c64dfe79d97aba4056539e1ae9905d1cf518f
SHA256

dd1d0772b969998d05d329411a3dec9ec52b344df956749dc9998f48107487d0
SHA512

18e0d2e959285dcc8b96bcb3dcbedaf7a8e868fb705f9d941ad5914820f17fd4a4d1889a713d032ffa65fbc3365635f7407b616f86b206406d31bba2e0f03040
SSDEEP

98304:d4Ngr8BHpJCLdpkaPDE+7sP3Nh7GsOSa5NJcHjJmZLXuDQn9ebtmg2bhWpxBZMxN:dV8h4pkaPDE+Uj7G7pNJqEKKitF2VWLE

Score

10^/10

xenorat discovery rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Dropper_protected.exe

Resource

win11-20241007-en

xenorat discovery rat trojan

windows11-21h2-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

Xeno_rat_nd8912d

Attributes

delay
5000
install_path
nothingset
port
4444
startup_name
nothingset

Targets

- Target
  
  Dropper_protected.exe
- Size
  
  5.7MB
- MD5
  
  95f9265e284dbccd509025fdc368cadd
- SHA1
  
  a63c64dfe79d97aba4056539e1ae9905d1cf518f
- SHA256
  
  dd1d0772b969998d05d329411a3dec9ec52b344df956749dc9998f48107487d0
- SHA512
  
  18e0d2e959285dcc8b96bcb3dcbedaf7a8e868fb705f9d941ad5914820f17fd4a4d1889a713d032ffa65fbc3365635f7407b616f86b206406d31bba2e0f03040
- SSDEEP
  
  98304:d4Ngr8BHpJCLdpkaPDE+7sP3Nh7GsOSa5NJcHjJmZLXuDQn9ebtmg2bhWpxBZMxN:dV8h4pkaPDE+Uj7G7pNJqEKKitF2VWLE
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

© 2018-2025

Terms | Privacy