xworm | VenomRat-Remote[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

VenomRat-Remote.exe

windows7-x64

VenomRat-Remote.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

VenomRat-Remote.exe

Resource

win7-20230220-en

xworm persistence rat trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

VenomRat-Remote.exe

Resource

win10v2004-20230220-en

xworm persistence rat trojan

windows10-2004-x64

10 signatures

150 seconds

General

Target

VenomRat-Remote.exe
Size

53KB
MD5

534cee2ee1004aa293fc255900508258
SHA1

4201a417e1f5de53d4714527ea9ede5c200cd464
SHA256

c726c827166aa89a94e778f2eceea03d24473ccb4f7224b95610e90b35e0decd
SHA512

f48a3ed44a1377fcac0712948cc30a78f023782cf8519dca9673df7a027a19f64a615c6fb46619064619f696a4cb79148d587ddec06162f8a5f8727921bc4487
SSDEEP

1536:dVqZtg06hMQHpBDzbs5me/dKzOQgWove+U:PAtg0IMkDzbs5vQzOQgWu/U

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

C2

180.ip.ply.gg:8840

Attributes

install_file
USB.exe

Signatures

Xworm family
xworm

Files

VenomRat-Remote.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy