xenorat | c4c21224b91351cbd943ca77e14c1c458815104ab9ffa5d252615d75e736f725 | Triage

Submit
Reports

Overview

overview

Static

static

eulen.exe

windows10-2004-x64

Sharing

General

Target

eulen.exe
Size

74KB
Sample

250117-28l6aawraj
MD5

3844571d2d25e1112db4d525422f8ad2
SHA1

3ee0f8874270f73c417a2a56e506a49b850cef8e
SHA256

c4c21224b91351cbd943ca77e14c1c458815104ab9ffa5d252615d75e736f725
SHA512

fd0ac668e7f85b5bba70bc01db2ae4c63b85519ad8059aaec4142be92ea4642d242fc6fea4fc78bc4cf36b1b67ec4e4564c8effaab6987042acb738187179705
SSDEEP

1536:Tw+jjgn2yH9XqcnW85SbTBqWIy8+Qlr6SYCmQqy15X:Tw+jq2s91UbTBqH+Q4wqy15X

Score

10^/10

xenorat discovery rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

eulen.exe

Resource

win10v2004-20241007-en

xenorat discovery rat trojan

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Extracted

Family

xenorat

C2

147.185.221.25

Mutex

Eulen

Attributes

delay
1
install_path
temp
port
18889
startup_name
Update

Targets

- Target
  
  eulen.exe
- Size
  
  74KB
- MD5
  
  3844571d2d25e1112db4d525422f8ad2
- SHA1
  
  3ee0f8874270f73c417a2a56e506a49b850cef8e
- SHA256
  
  c4c21224b91351cbd943ca77e14c1c458815104ab9ffa5d252615d75e736f725
- SHA512
  
  fd0ac668e7f85b5bba70bc01db2ae4c63b85519ad8059aaec4142be92ea4642d242fc6fea4fc78bc4cf36b1b67ec4e4564c8effaab6987042acb738187179705
- SSDEEP
  
  1536:Tw+jjgn2yH9XqcnW85SbTBqWIy8+Qlr6SYCmQqy15X:Tw+jq2s91UbTBqH+Q4wqy15X
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

© 2018-2025

Terms | Privacy