Overview

overview

10

Static

static

10

xeno rat client.exe

windows7-x64

10

xeno rat client.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    xeno rat client.exe

  • Size

    52KB

  • Sample

    250123-x8wx9sskbk

  • MD5

    00fbdc8040c8ec388d90ea5133c141fd

  • SHA1

    ce9d3e4d3d6f81794310758b22eaad333e40ad88

  • SHA256

    c940228f2d719b88e181afd94962c3857b666b4da623c5a38acee9ffde406106

  • SHA512

    c8dcb2ea2931ccb29949579c425b07f1f19cfb2d7d28d774afbc0466203da002a344d8266fa002183a156c575ced63a4519bfc2d6b9d6719eab0fb100258122d

  • SSDEEP

    1536:8TtpJ3fm+8UDTxhfcM0RBsN3s+YebFMB/fubiTRE:8Tt7mW3xhEMOWN8sbFMB/fubGE

Score
10/10
xenoratdiscoveryrattrojan

Malware Config

Extracted

Family

xenorat

C2

localhost

Mutex

testing 123123

Attributes
  • delay

    1000

  • install_path

    nothingset

  • port

    1234

  • startup_name

    nothingset

Targets

    • Target

      xeno rat client.exe

    • Size

      52KB

    • MD5

      00fbdc8040c8ec388d90ea5133c141fd

    • SHA1

      ce9d3e4d3d6f81794310758b22eaad333e40ad88

    • SHA256

      c940228f2d719b88e181afd94962c3857b666b4da623c5a38acee9ffde406106

    • SHA512

      c8dcb2ea2931ccb29949579c425b07f1f19cfb2d7d28d774afbc0466203da002a344d8266fa002183a156c575ced63a4519bfc2d6b9d6719eab0fb100258122d

    • SSDEEP

      1536:8TtpJ3fm+8UDTxhfcM0RBsN3s+YebFMB/fubiTRE:8Tt7mW3xhEMOWN8sbFMB/fubGE

    Score
    10/10
    xenoratdiscoveryrattrojan

    • Detect XenoRat Payload

    • XenorRat

      XenorRat is a remote access trojan written in C#.

      trojanratxenorat

    • Xenorat family

      xenorat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks