xworm | tmp | Triage

Submit
Reports

Overview

overview

Static

static

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20230220-en

xworm rat trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20230220-en

xworm rat trojan

windows10-2004-x64

1 signatures

150 seconds

General

Target

tmp
Size

93KB
MD5

ab1b33f203932d21ec90ac901fac6c52
SHA1

10c9b4c744559eceda882d8f4226042a29eb9b97
SHA256

30d7c84b0ece1166ec0bb076a6bc188d598009fffa4c5e1528671c65aa76526b
SHA512

b8063e190d3158fb8580996e7727876d0af23bde0c211f2af108cfc5a15cd9c6adbe4e2fab454ab81efcee35ae504ce80a55f7e40c40db36072bbf00c41de966
SSDEEP

768:VP16NXxhxa7zg+Kd3yVZFRlaiHhEnLC/AG6qZ25ZBJI8Xyr:VPG5CV3aiHOLC/AG6t5Z08Xyr

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

C2

77.248.111.83:2404

Mutex

3xnj0N5Dbz6QQl2y

Attributes

install_file
USB.exe

aes.plain

Signatures

Xworm family
xworm

Files

tmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy