xenorat | e7fa7df68f52c8211dcf98a83ce68d333c1c9ad47c695e1c81d251c71dab2267 | Triage

Submit
Reports

Overview

overview

Static

static

123.exe

windows10-2004-x64

Sharing

General

Target

123.exe
Size

45KB
Sample

241227-bxlr9sxrdz
MD5

5a778e834f35c916c39c65d60e039fd0
SHA1

68f3eaf6f75f5121f478c9ddb18ac0bd87622c1a
SHA256

e7fa7df68f52c8211dcf98a83ce68d333c1c9ad47c695e1c81d251c71dab2267
SHA512

3a2af26f175124f04abcd7587a80caa948c3489c6a386274af865f2a0c47be62998b355abf8d92562cf022a2e8a2a1d7e269c9bbd3a4a58054822e15addc74e1
SSDEEP

768:RdhO/poiiUcjlJIn7rtUH9Xqk5nWEZ5SbTDaQWI7CPW5U:Pw+jjgn7BUH9XqcnW85SbThWIM

Score

10^/10

xenorat discovery rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

123.exe

Resource

win10v2004-20241007-en

xenorat discovery rat trojan

windows10-2004-x64

14 signatures

300 seconds

Malware Config

Extracted

Family

xenorat

C2

192.168.0.144

Mutex

Xeno_rat_nd8912d

Attributes

delay
5000
install_path
appdata
port
4444
startup_name
nothingset

Targets

- Target
  
  123.exe
- Size
  
  45KB
- MD5
  
  5a778e834f35c916c39c65d60e039fd0
- SHA1
  
  68f3eaf6f75f5121f478c9ddb18ac0bd87622c1a
- SHA256
  
  e7fa7df68f52c8211dcf98a83ce68d333c1c9ad47c695e1c81d251c71dab2267
- SHA512
  
  3a2af26f175124f04abcd7587a80caa948c3489c6a386274af865f2a0c47be62998b355abf8d92562cf022a2e8a2a1d7e269c9bbd3a4a58054822e15addc74e1
- SSDEEP
  
  768:RdhO/poiiUcjlJIn7rtUH9Xqk5nWEZ5SbTDaQWI7CPW5U:Pw+jjgn7BUH9XqcnW85SbThWIM
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

© 2018-2025

Terms | Privacy