xenorat | 62516bbf13d55df8614f58fb964ae2ed98cbe2fd07315b1cdbf8a1c61f63b11a | Triage

Submit
Reports

Overview

overview

Static

static

1

edQE3aLQ.html

windows10-ltsc 2021-x64

Sharing

General

Target

edQE3aLQ
Size

2KB
Sample

241231-b7yvks1jas
MD5

0429c77b246af75734deb2bb67684180
SHA1

da2ad23c95659a7a81bc2f3b9e23be40eba850a2
SHA256

62516bbf13d55df8614f58fb964ae2ed98cbe2fd07315b1cdbf8a1c61f63b11a
SHA512

c0be90f436e76a43de82079a17146e9cca6d6a2f0ce33f5e5d8960ea27af28df713ec894f0f932578b3ee65ce044af5ecc525ff96329522928df07e4ac710d41

Score

10^/10

xenorat discovery rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

edQE3aLQ.html

Resource

win10ltsc2021-20241211-en

xenorat discovery rat trojan

windows10-ltsc 2021-x64

19 signatures

900 seconds

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

Attributes

delay
5000
install_path
nothingset
port
4444
startup_name
nothingset

Targets

- Target
  
  edQE3aLQ
- Size
  
  2KB
- MD5
  
  0429c77b246af75734deb2bb67684180
- SHA1
  
  da2ad23c95659a7a81bc2f3b9e23be40eba850a2
- SHA256
  
  62516bbf13d55df8614f58fb964ae2ed98cbe2fd07315b1cdbf8a1c61f63b11a
- SHA512
  
  c0be90f436e76a43de82079a17146e9cca6d6a2f0ce33f5e5d8960ea27af28df713ec894f0f932578b3ee65ce044af5ecc525ff96329522928df07e4ac710d41
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

© 2018-2025

Terms | Privacy