xworm | aaa61ff9c4c55ba6c730f756810bea081bcf5aadb63aa2bc28ccf783024b28e5 | Triage

Sharing

General

Target

ca6aeab0c4a81955de600f3893486d3350c2959678a429f58a8b3d3b9ebf765c.zip
Size

17KB
Sample

230321-rz2jhadc8t
MD5

c2bf8a2091569c6dced7a8dfea594671
SHA1

373bcb303df7f6358de6ba8987561964b7d37897
SHA256

aaa61ff9c4c55ba6c730f756810bea081bcf5aadb63aa2bc28ccf783024b28e5
SHA512

5afad47f41a37fb044ed35150c9a8b1ef4dff44b71293be1db869a39e0468b874166096685c8815f04d91b62e30bf880335d6166ba3f759a30f9211fe4949268
SSDEEP

384:F+FwLS0iNYMl3vuDvSDgr+1DRz9QRculFTdISJx9pO6U+a:oF8S0iNDl3vmaErGz9fqPjfO6Ub

Score

10^/10

xworm rat trojan

Malware Config

Extracted

Family

xworm

C2

daddy.linkpc.net:7000

Mutex

tiBM2lLdmw5onVxB

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  ca6aeab0c4a81955de600f3893486d3350c2959678a429f58a8b3d3b9ebf765c.exe
- Size
  
  40KB
- MD5
  
  c1b1b083369dc7d83768f9e8c3af86dd
- SHA1
  
  c3539465b55a71088bc582d31aaaafe3161dc6a6
- SHA256
  
  ca6aeab0c4a81955de600f3893486d3350c2959678a429f58a8b3d3b9ebf765c
- SHA512
  
  ae59170e25aa4257b3dd0a4e8fdab64c11cfeb1169e23bda7ea21494f8d01561552ddae5d408c48f38ad0755211488386e0559f3fe70e86b65a168dad355ee3f
- SSDEEP
  
  768:OUGV2XN6wjfNqNuYdSBz0Rpf3ksQhLOf+eka:a2NHcfI1OWeka
Score

10^/10

xworm rat trojan
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2