xenorat | 4cd52a1328ac7b1e2856007eb6eb721441f275f5c5b0049f6e8ba0a1f1c98be0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

Release.zip

windows7-x64

1

Release.zip

windows10-2004-x64

Sharing

General

Target

Release.zip
Size

6.4MB
Sample

250203-rpm85atkhv
MD5

0ac7270ebbf7914fa19f0a20b7725338
SHA1

04b140f70fa4f6e8c4003fd993a2260073242d53
SHA256

4cd52a1328ac7b1e2856007eb6eb721441f275f5c5b0049f6e8ba0a1f1c98be0
SHA512

71b340eb439cd192f2fb490d6e7b12377d7755e912d6e045796f1ebe565f497840f8d4d3cd550225818728034bed687e078a6e73975b07741785bc20df9dbdae
SSDEEP

196608:vMSPrNiQ7KRy+EPqbTwVLW83FUSA7WQZzwM3/C2c6:DDNdORywWB1USA7WS/vc6

Score

10^/10

xenorat discovery rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Release.zip

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Release.zip

Resource

win10v2004-20250129-en

xenorat discovery rat trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

xenorat

C2

localhost

127.0.0.1

Mutex

testing 123123

Attributes

delay
1000
install_path
nothingset
port
1234
startup_name
nothingset

Targets

- Target
  
  Release.zip
- Size
  
  6.4MB
- MD5
  
  0ac7270ebbf7914fa19f0a20b7725338
- SHA1
  
  04b140f70fa4f6e8c4003fd993a2260073242d53
- SHA256
  
  4cd52a1328ac7b1e2856007eb6eb721441f275f5c5b0049f6e8ba0a1f1c98be0
- SHA512
  
  71b340eb439cd192f2fb490d6e7b12377d7755e912d6e045796f1ebe565f497840f8d4d3cd550225818728034bed687e078a6e73975b07741785bc20df9dbdae
- SSDEEP
  
  196608:vMSPrNiQ7KRy+EPqbTwVLW83FUSA7WQZzwM3/C2c6:DDNdORywWB1USA7WS/vc6
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

xenoratdiscoveryrattrojan

© 2018-2025

Terms | Privacy