Extracted

• • Target

    fn.exe

  • Size

    45KB

  • MD5

    224ccb2529301b657df7c6bcc7ac6613

  • SHA1

    1743e1b819c6a20ec5b8db1024a4f460160419e7

  • SHA256

    7d5ff178c46801beba098d2705798c99392e15dbc9ccdef3e11ed737d9dfb93d

  • SHA512

    c09509172cb3a662ba8cf5b1df1a4c45dc014c59388f219ed819e08890bd522e4c367e46e91740c1cf636f419e30b66f7022a23216a108e3132905a4ca319307

  • SSDEEP

    768:FdhO/poiiUcjlJInbzH9Xqk5nWEZ5SbTDagWI7CPW5N:bw+jjgn3H9XqcnW85SbTpWIl

  Score

  10^/10

  xenoratdiscoveryrattrojan

  • Detect XenoRat Payload

  • XenorRat

    XenorRat is a remote access trojan written in C#.

    trojanratxenorat

  • Xenorat family

    xenorat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1