xworm | xw[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

xw.exe

windows7-x64

xw.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

xw.exe

Resource

win7-20230220-en

xworm persistence rat trojan

windows7-x64

16 signatures

1800 seconds

Behavioral task

behavioral2

Sample

xw.exe

Resource

win10v2004-20230220-en

xworm persistence rat trojan

windows10-2004-x64

19 signatures

1800 seconds

General

Target

xw.exe
Size

81KB
MD5

6b38f741fabd8130da66e44fe63935ee
SHA1

4938807e835de01aef3e92933e0a8e14c4ac6125
SHA256

4025806d093c4b418bec45b6b2b2958abf37ea41363baebc450f3d3b48c04f72
SHA512

e90404e646686e8d3965bb8fcb51eb76aedf5fd0a018dc95cfb5e80aeeedd8f01bf26749a737580b3af87314c388a3bcb4951d3cbaf32381ae8bb7f879208459
SSDEEP

1536:X4Kif7201JxFU6c48tEYFyU+hbtOMuUNw+65gR/XO1TJyGXc:X4Ff72sJxFEjvZ0btRvBXO1TJyGs

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

C2

ftap-29332.portmap.host:29332

Attributes

install_file
svchost.exe

Signatures

Xworm family
xworm

Files

xw.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy