xworm | server[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

server.exe

windows7-x64

server.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

server.exe

Resource

win7-20230220-en

xworm persistence rat trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

server.exe

Resource

win10v2004-20230220-en

xworm persistence rat trojan

windows10-2004-x64

12 signatures

150 seconds

General

Target

server.exe
Size

38KB
MD5

1077d2817de834e79983fa8bb6dde71e
SHA1

f251d74238b838ce1605b889d80327a1e47e9a40
SHA256

7f8e216231c8e0e57f4d6e06edb5c20fbed0cfa36c44058ad5809935c4a06448
SHA512

3132c7690ddc33e6c8b7d9533f7b8500bfce540eeee61db706dcc4847d7dcf7634206fd8f04c437706e9412bb09c7706b016b8633c17661f322475046e5d1bba
SSDEEP

768:z5B93liEMuoOzHEgSSxCa7wFWPh9Vi67Owhk9Fxkku:z5BM+NSda0FK9Vi67Owq72

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

C2

kids-abstract.at.ply.gg:26193

Mutex

Q0PQt1zJ8DDIXdji

Attributes

install_file
USB.exe

aes.plain

Signatures

Xworm family
xworm

Files

server.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy