xworm | bef2ed0a20aea417015b81a574c58ebe24eb97ee869519f5d0031a8335370226 | Triage

Submit
Reports

Overview

overview

Static

static

XWorm.exe

windows7-x64

XWorm.exe

windows10-2004-x64

Analysis

max time kernel
148s
max time network
31s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
22/05/2023, 08:39

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

XWorm.exe

Resource

win7-20230220-en

xworm rat trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

XWorm.exe

Resource

win10v2004-20230220-en

xworm rat trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

XWorm.exe
Size

90KB
MD5

1dc0ce6f92aa7aaaaaec0bbf2cf0be94
SHA1

961e990d821b8ce87791f61d0f53a1cfa327dcd3
SHA256

bef2ed0a20aea417015b81a574c58ebe24eb97ee869519f5d0031a8335370226
SHA512

99b6827189b45ec08662c3648ba34588ff9c412ecc8f20b8d0c3806b372b1a09e1fc81a32251a1eece9415724585d1b72a038ad24c523696130900e706f60ac9
SSDEEP

768:JBISmPlxMcazgTKd3iz5RVw6zlDq3RzUJ/pJCxE85:JBIzmyt/w6h2RzkJCx5

Score

10^/10

xworm rat trojan

Malware Config

Extracted

Family

xworm

Mutex

UCLCU6390UZNp9OE

Attributes

install_file
USB.exe

aes.plain

Signatures

Xworm
Xworm is a remote access trojan written in C#.
trojan rat xworm

Processes

C:\Users\Admin\AppData\Local\Temp\XWorm.exe
"C:\Users\Admin\AppData\Local\Temp\XWorm.exe"
1⤵
PID:1704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1704-54-0x0000000000970000-0x000000000098C000-memory.dmp

Filesize
112KB

Download
memory/1704-55-0x000000001AF80000-0x000000001B000000-memory.dmp

Filesize
512KB

Download
memory/1704-56-0x000000001AF80000-0x000000001B000000-memory.dmp

Filesize
512KB

Download

© 2018-2025

Terms | Privacy