xenorat | aed5753c6a243f6d6fe9090cfd089156ed8be67b6f29aac7b6fbf58bfec14623 | Triage

Submit
Reports

Overview

overview

Static

static

1

sample.html

windows11-21h2-x64

Sharing

General

Target

sample
Size

561B
Sample

241220-xfqksa1pf1
MD5

e87f5790521ef2b684ebcdb747c62b26
SHA1

92152a2203786684b0e3e07b92939b6bc2f24630
SHA256

aed5753c6a243f6d6fe9090cfd089156ed8be67b6f29aac7b6fbf58bfec14623
SHA512

d5d579f0ab13c93d04e80b9720241c4c6e7589f047f9ee7cfc1effd54fdb27b7d85372df2a88b35830b70e395ef2f6db88fc6f85a1b739f50d78acb9797ae8e4

Score

10^/10

xenorat discovery rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

sample.html

Resource

win11-20241007-en

xenorat discovery rat trojan

windows11-21h2-x64

21 signatures

300 seconds

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

Xeno_rat_nd8912d

Attributes

delay
5000
install_path
nothingset
port
4444
startup_name
nothingset

Targets

- Target
  
  sample
- Size
  
  561B
- MD5
  
  e87f5790521ef2b684ebcdb747c62b26
- SHA1
  
  92152a2203786684b0e3e07b92939b6bc2f24630
- SHA256
  
  aed5753c6a243f6d6fe9090cfd089156ed8be67b6f29aac7b6fbf58bfec14623
- SHA512
  
  d5d579f0ab13c93d04e80b9720241c4c6e7589f047f9ee7cfc1effd54fdb27b7d85372df2a88b35830b70e395ef2f6db88fc6f85a1b739f50d78acb9797ae8e4
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

© 2018-2024

Terms | Privacy