xenorat | ae89053448060576ac8a19a5ec05365bdf470f3276a63eb0fd01f82313279d1f | Triage

Submit
Reports

Overview

overview

Static

static

python_309_setup.exe

windows11-21h2-x64

Sharing

General

Target

python_309_setup.exe
Size

45KB
Sample

250220-3vv2psxpgs
MD5

2dcdd4f5f1aa75d0ccc76ddb36cf8e2a
SHA1

b4b95a1e4cee0384d20f90fefd196a4175d61faf
SHA256

ae89053448060576ac8a19a5ec05365bdf470f3276a63eb0fd01f82313279d1f
SHA512

9e000cf6188ac8aa996e77033fb0edb60349feae57aaee05d7112a3192964e230fc0d37dcfc91507e36348ce18ffb0e881c9ff5f8e12538b1a2aac57531a79a1
SSDEEP

768:m/dhO/poiiUcjlJInd3H9Xqk5nWEZ5SbTDaiuI7CPW5W2YAL:m1w+jjgn5H9XqcnW85SbTnuIe2YAL

Score

10^/10

xenorat discovery rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

python_309_setup.exe

Resource

win11-20250217-en

xenorat discovery rat trojan

windows11-21h2-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

Xeno_rat_nd8912d

Attributes

delay
5000
install_path
temp
port
4444
startup_name
nothingset

Targets

- Target
  
  python_309_setup.exe
- Size
  
  45KB
- MD5
  
  2dcdd4f5f1aa75d0ccc76ddb36cf8e2a
- SHA1
  
  b4b95a1e4cee0384d20f90fefd196a4175d61faf
- SHA256
  
  ae89053448060576ac8a19a5ec05365bdf470f3276a63eb0fd01f82313279d1f
- SHA512
  
  9e000cf6188ac8aa996e77033fb0edb60349feae57aaee05d7112a3192964e230fc0d37dcfc91507e36348ce18ffb0e881c9ff5f8e12538b1a2aac57531a79a1
- SSDEEP
  
  768:m/dhO/poiiUcjlJInd3H9Xqk5nWEZ5SbTDaiuI7CPW5W2YAL:m1w+jjgn5H9XqcnW85SbTnuIe2YAL
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

© 2018-2025

Terms | Privacy