f0eb7f58edc94075cf2d0567ad4b9c7153f7bdeca5e3537ee88360214f6a9076 | Triage

Submit
Reports

Overview

overview

Static

static

XWorm-RAT-...io.dll

windows10-2004-x64

1

XWorm-RAT-...ip.dll

windows10-2004-x64

1

XWorm-RAT-...ws.dll

windows10-2004-x64

1

XWorm-RAT-...AC.dll

windows10-2004-x64

1

XWorm-RAT-...en.dll

windows10-2004-x64

1

XWorm-RAT-...at.dll

windows10-2004-x64

1

XWorm-RAT-...um.dll

windows10-2004-x64

1

XWorm-RAT-...rd.dll

windows10-2004-x64

1

XWorm-RAT-...er.dll

windows10-2004-x64

1

XWorm-RAT-...ss.dll

windows10-2004-x64

1

XWorm-RAT-...ts.dll

windows10-2004-x64

1

XWorm-RAT-...ts.dll

windows10-2004-x64

3

XWorm-RAT-...WD.dll

windows10-2004-x64

1

XWorm-RAT-...ns.dll

windows10-2004-x64

1

XWorm-RAT-...WD.dll

windows10-2004-x64

1

XWorm-RAT-...il.dll

windows10-2004-x64

1

XWorm-RAT-...er.dll

windows10-2004-x64

1

XWorm-RAT-...er.dll

windows10-2004-x64

1

XWorm-RAT-...la.dll

windows10-2004-x64

1

XWorm-RAT-...DP.dll

windows10-2004-x64

1

XWorm-RAT-...ll.dll

windows10-2004-x64

1

XWorm-RAT-...er.exe

windows10-2004-x64

1

XWorm-RAT-...er.exe

windows10-2004-x64

1

XWorm-RAT-...er.exe

windows10-2004-x64

1

XWorm-RAT-...NC.exe

windows10-2004-x64

7

XWorm-RAT-...er.exe

windows10-2004-x64

3

XWorm-RAT-...ib.dll

windows10-2004-x64

1

Analysis

max time kernel
111s
max time network
117s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
12-04-2023 20:35

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XWorm-RAT-main/XWorm RAT V2.1/NAudio.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral2

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/7zip.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral3

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/ACTWindows.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral4

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/AskUAC.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral5

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/BlankScreen.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral6

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Chat.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral7

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Chromium.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral8

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Clipboard.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral9

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Clipper.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral10

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Cmstp-Bypass.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral11

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Computerdefaults.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral12

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/DeletePoints.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

120 seconds

Behavioral task

behavioral13

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/DeleteWD.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral14

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/DicordTokens.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral15

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/DisableWD.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral16

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Email.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral17

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Encoder.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral18

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/FileSeacher.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral19

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/FileZilla.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral20

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/HRDP.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral21

Sample

XWorm-RAT-main/XWorm RAT V2.1/Plugins/uninstall.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral22

Sample

XWorm-RAT-main/XWorm RAT V2.1/Tools/HVNC-Server.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral23

Sample

XWorm-RAT-main/XWorm RAT V2.1/Tools/ResHacker.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral24

Sample

XWorm-RAT-main/XWorm RAT V2.1/Tools/vncviewer.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral25

Sample

XWorm-RAT-main/XWorm RAT V2.1/XHVNC.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

120 seconds

Behavioral task

behavioral26

Sample

XWorm-RAT-main/XWorm RAT V2.1/XWorm-RAT-V2.1-builder.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

2 signatures

120 seconds

Behavioral task

behavioral27

Sample

XWorm-RAT-main/XWorm RAT V2.1/dnlib.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

120 seconds

Report Analysis Logs

General

Target

XWorm-RAT-main/XWorm RAT V2.1/Plugins/Cmstp-Bypass.dll
Size

11KB
MD5

b6168619969011ef036cced5e6d2bb88
SHA1

a69ffe4f8f41040ca839772e334d11147965e00e
SHA256

995e755827bf8c1908e64d40a7851e05706b89e41dee63037e5c4be0b61f113e
SHA512

d43890212684841982cb180b246c776b4499f5c3b3d285f87b572a369553023899642cb70faeea2dc1d9f2eec99773d395b6573397d20aae18b685d24cffc7f6
SSDEEP

192:fZCBkF2mSmZbBYBIpN4YeTysxIGOyv4Bb9akegyaTRIW1vr/uTDFs5GATLec7hH0:fYM2mNOBI/UysxZ/QBbUkZyaTjr/6YGY

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\XWorm-RAT-main\XWorm RAT V2.1\Plugins\Cmstp-Bypass.dll",#1
1⤵
PID:832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy