Overview

overview

10

Static

static

1

URLScan

urlscan

https://github.com/m...

windows10-2004-x64

10

Resubmissions

07-02-2025 05:38

250207-gb719s1jht 3

07-02-2025 05:33

250207-f8yneszre1 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://github.com/moom825/xeno-rat/releases

  • Sample

    250207-f8yneszre1

Score
10/10
xenoratdiscoveryrattrojan

Malware Config

Extracted

Family

xenorat

C2

localhost

127.0.0.1
Mutex

testing 123123

Attributes
  • delay

    1000

  • install_path

    nothingset

  • port

    1234

  • startup_name

    nothingset

Targets

    • Target

      https://github.com/moom825/xeno-rat/releases

    Score
    10/10
    xenoratdiscoveryrattrojan

    • Detect XenoRat Payload

    • XenorRat

      XenorRat is a remote access trojan written in C#.

      trojanratxenorat

    • Xenorat family

      xenorat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks