xworm | ec984efbcc8915ef4e2f9decbd844b9a75a1443b78616d750d1e6a4f5a405cec | Triage

Submit
Reports

Overview

overview

Static

static

XClient.exe

windows10-1703-x64

Sharing

General

Target

XClient.exe
Size

69KB
Sample

230322-2qmzvsdg9w
MD5

1b6c19ea6b874a27d9cb23e8c722320b
SHA1

9c01c24bd4a23cd6ad1f83701d58e09d81800321
SHA256

ec984efbcc8915ef4e2f9decbd844b9a75a1443b78616d750d1e6a4f5a405cec
SHA512

75a81d34bc2b63d5251b2e40f1cbd1d4ae1cb63ef7f7204a9d1213aef9104dd2c22704d7e7e3bcce00313a99047337a8ba972f5de171622f68c6212801ccbcfd
SSDEEP

1536:Yz0yMVnhj0hmwxGz2bp/XUkgev6nLE4TOOcqwH0p:YzqYhO6b5krev+E4TOOLwUp

Score

10^/10

xworm rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

XClient.exe

Resource

win10-20230220-en

xworm rat trojan

windows10-1703-x64

4 signatures

1800 seconds

Malware Config

Targets

- Target
  
  XClient.exe
- Size
  
  69KB
- MD5
  
  1b6c19ea6b874a27d9cb23e8c722320b
- SHA1
  
  9c01c24bd4a23cd6ad1f83701d58e09d81800321
- SHA256
  
  ec984efbcc8915ef4e2f9decbd844b9a75a1443b78616d750d1e6a4f5a405cec
- SHA512
  
  75a81d34bc2b63d5251b2e40f1cbd1d4ae1cb63ef7f7204a9d1213aef9104dd2c22704d7e7e3bcce00313a99047337a8ba972f5de171622f68c6212801ccbcfd
- SSDEEP
  
  1536:Yz0yMVnhj0hmwxGz2bp/XUkgev6nLE4TOOcqwH0p:YzqYhO6b5krev+E4TOOLwUp
Score

10^/10

xworm rat trojan
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy