Analysis

  • max time kernel
    111s
  • max time network
    117s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12-04-2023 20:35

General

  • Target

    XWorm-RAT-main/XWorm RAT V2.1/Plugins/Cmstp-Bypass.dll

  • Size

    11KB

  • MD5

    b6168619969011ef036cced5e6d2bb88

  • SHA1

    a69ffe4f8f41040ca839772e334d11147965e00e

  • SHA256

    995e755827bf8c1908e64d40a7851e05706b89e41dee63037e5c4be0b61f113e

  • SHA512

    d43890212684841982cb180b246c776b4499f5c3b3d285f87b572a369553023899642cb70faeea2dc1d9f2eec99773d395b6573397d20aae18b685d24cffc7f6

  • SSDEEP

    192:fZCBkF2mSmZbBYBIpN4YeTysxIGOyv4Bb9akegyaTRIW1vr/uTDFs5GATLec7hH0:fYM2mNOBI/UysxZ/QBbUkZyaTjr/6YGY

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\XWorm-RAT-main\XWorm RAT V2.1\Plugins\Cmstp-Bypass.dll",#1
      PID:832

Network

MITRE ATT&CK Matrix
