xenorat | 56cf24488d24b30075cc07fb611cded53bd76815ef3cefcac73ad696feda2ce8 | Triage

Submit
Reports

Overview

overview

Static

static

gowno.exe

windows11-21h2-x64

Sharing

General

Target

gowno.rar
Size

18KB
Sample

250319-2da5javzhz
MD5

03a9c680a0026a26cbce1caf476ee88b
SHA1

1472ecacb2e27ec06c4c07437076ba7501c955f6
SHA256

56cf24488d24b30075cc07fb611cded53bd76815ef3cefcac73ad696feda2ce8
SHA512

9b3dcc4c34a1537b4cf39317d498dd56bd0b87843b265a525598916078c246f2cb4183952043a559060862051bd9c8ec128392c434663162987a4f3062c10ed2
SSDEEP

384:1RpHM5D3s3u3tWYgB62oPYgYH3qdpfXHduJukXhYnBEDqZVDkSg:9kTiY8B62oPWadZXHdGueheSqNg

Score

10^/10

xenorat discovery rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

gowno.exe

Resource

win11-20250313-en

xenorat discovery rat trojan

windows11-21h2-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

testgowna

Attributes

delay
5000
install_path
appdata
port
5858
startup_name
nothingset

Targets

- Target
  
  gowno.exe
- Size
  
  45KB
- MD5
  
  6145e62108a1aa3cd628939ba740449d
- SHA1
  
  812b83703130caf3832af8f9fb5dbd5d9045a2fc
- SHA256
  
  ef2ba29f54fd3d48876405dc424f61ab27222fe36b5b5721c4a5ccca6e879ad1
- SHA512
  
  20a57cb7119e570ded6876ca830c8070e239340ec64c0c0b8d0fbeeea121485b69c2372a0dcdb07ea54c72b9991db76e75f439dad442cccfd82987c7456a175f
- SSDEEP
  
  768:RdhO/poiiUcjlJInN1H9Xqk5nWEZ5SbTDamuI7CPW5T:Pw+jjgnHH9XqcnW85SbTzuIr
Score

10^/10

xenorat discovery rat trojan
- Detect XenoRat Payload
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Xenorat family
  xenorat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratdiscoveryrattrojan

© 2018-2025

Terms | Privacy