xenorat | f0d83af8812a5e252ca0ae2840a2bfab14a484edb74498c8eacacdce3a720ada | Triage

Submit
Reports

Overview

overview

Static

static

3

Flycode_VP...er.exe

windows7-x64

Flycode_VP...er.exe

windows10-2004-x64

Sharing

General

Target

Flycode_VPN_installer.zip
Size

159KB
Sample

241104-jj8c4sxdlc
MD5

d96c3980a578872b022114d4de05bbc5
SHA1

3cae2c07e458cee0823aff358da2b999ff31ed4c
SHA256

f0d83af8812a5e252ca0ae2840a2bfab14a484edb74498c8eacacdce3a720ada
SHA512

7e99e1ecb8313cfe535057a9abebcf645656776748bfafc9c0fd73e3225359b61000cf2a11d89cfcf4b567b25bcf4fcf6ef8b5d11786751d2bdec7173aa1b8c0
SSDEEP

3072:5ppBZMx0o3D0BCL8TVtrNayEVwCmhf2Navmy5B0GfnCLc:vPGICLMVVNadwjf2NaVB0wCLc

Score

10^/10

xenorat rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Flycode_VPN_installer.exe

Resource

win7-20240903-en

xenorat rat trojan

windows7-x64

3 signatures

60 seconds

Behavioral task

behavioral2

Sample

Flycode_VPN_installer.exe

Resource

win10v2004-20241007-en

xenorat rat trojan

windows10-2004-x64

3 signatures

60 seconds

Malware Config

Targets

- Target
  
  Flycode_VPN_installer.exe
- Size
  
  725KB
- MD5
  
  6214931316aef5b8f870d375a7649218
- SHA1
  
  cfbded8b49b5c4c4ad1ab594010d14cb236463b0
- SHA256
  
  32aaddf41bbed77709a5db74ed8a62e179f65486945cfb20ccaa6023686a6871
- SHA512
  
  8eaa85a23fc4c5b38b08afbaad9ad7101f7c43e85fdc3e2841dac42e484b8af07ccea04b74d304dff39573d4e49747b49ca66f80444222268d1b8ab318e6e78f
- SSDEEP
  
  12288:LxeQCJwvvFkyjj6ZqxdDXCXxFCQE1Vdr+iGkvii1KRlWPBboSWo69c32a6st7Ylm:NeQMwvNkn2DXCXxFCQE1Vdr+iGkvii1J
Score

10^/10

xenorat rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xenoratrattrojan

behavioral2

xenoratrattrojan

© 2018-2024

Terms | Privacy