Overview

overview

10

Static

static

10

XenoRat 1.8.7.7z

windows7-x64

1

XenoRat 1.8.7.7z

windows10-2004-x64

7

XenoRat 1....at.dll

windows7-x64

1

XenoRat 1....at.dll

windows10-2004-x64

1

XenoRat 1....er.dll

windows7-x64

1

XenoRat 1....er.dll

windows10-2004-x64

1

XenoRat 1....un.dll

windows7-x64

1

XenoRat 1....un.dll

windows10-2004-x64

1

XenoRat 1....nc.dll

windows7-x64

1

XenoRat 1....nc.dll

windows10-2004-x64

1

XenoRat 1....ab.dll

windows7-x64

1

XenoRat 1....ab.dll

windows10-2004-x64

1

XenoRat 1....er.dll

windows7-x64

1

XenoRat 1....er.dll

windows10-2004-x64

1

XenoRat 1....ne.dll

windows7-x64

1

XenoRat 1....ne.dll

windows10-2004-x64

1

XenoRat 1....ne.dll

windows7-x64

1

XenoRat 1....ne.dll

windows10-2004-x64

1

XenoRat 1....er.dll

windows7-x64

1

XenoRat 1....er.dll

windows10-2004-x64

1

XenoRat 1....er.dll

windows7-x64

1

XenoRat 1....er.dll

windows10-2004-x64

1

XenoRat 1....xy.dll

windows7-x64

1

XenoRat 1....xy.dll

windows10-2004-x64

1

XenoRat 1....ol.dll

windows7-x64

1

XenoRat 1....ol.dll

windows10-2004-x64

1

XenoRat 1....ll.dll

windows7-x64

1

XenoRat 1....ll.dll

windows10-2004-x64

1

XenoRat 1....up.dll

windows7-x64

1

XenoRat 1....up.dll

windows10-2004-x64

1

XenoRat 1....er.dll

windows7-x64

1

XenoRat 1....er.dll

windows10-2004-x64

1

Resubmissions

09-01-2025 21:24

250109-z8572s1qbs 10

09-01-2025 21:21

250109-z7apratmar 10

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-01-2025 21:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XenoRat 1.8.7.7z

  • Size

    4.7MB

  • MD5

    09f1da481eac710c27d4053e6f4a06d3

  • SHA1

    04d7832bb566e776f60998fad380d16c56553438

  • SHA256

    6fc3870e9addfde6c38be21602172a0404244e05e013db1c65aca737eb47969a

  • SHA512

    769bfd09bcf4e60e52b66a4bba200d3996f8ee5628aa80b9a38dc6c44073350dba10d5a194768069de1d08c618e8a03c94f155f0cfe9d9b1ef49999d3650797f

  • SSDEEP

    98304:cyoG7UgKzeoYW1u+ecKDDA9NUCIIdjzuvc6QPggDhPxHlmKUlm:cyowUgKzeoLFEINOcpfWm

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\XenoRat 1.8.7.7z"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:3052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads