xworm | sussy[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

sussy.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

sussy.exe

Resource

win10v2004-20230220-en

xworm persistence rat trojan

windows10-2004-x64

12 signatures

600 seconds

General

Target

sussy.exe
Size

95KB
MD5

0bdb35e9a19fde83df94786aa0e677d9
SHA1

09fa0561fa8079c93534f41e52d64e47cad66dc5
SHA256

9e38b9af48f429b9392dacae6efcbb0f82b9b0f88c99635471af908f834a95a2
SHA512

826b11f9354bf3666fcac01ba2797f2d7856fc7e1e8849e1e031a44fb2bb28fc8f381dcfb49f676e2963e04253c0a2bfa34778aa49270713383a7ed2fcb3de10
SSDEEP

1536:0vEPh5M+1g9oR74majR/ZszX4nUs3XiLwa3to:tywg9+7sZ9UgAwa3to

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

Mutex

P5J5pqTGxJj2CeQj

Attributes

install_file
USB.exe
pastebin_url
https://pastebin.com/raw/IP:PORT:KEY

aes.plain

Signatures

Xworm family
xworm

Files

sussy.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy