xworm | 72ab332da034bd819d83d26272974048b24de773a3440d641202872161b3e514 | Triage

Sharing

General

Target

72ab332da034bd819d83d26272974048b24de773a3440d641202872161b3e514exe_JC.exe
Size

33KB
Sample

230805-qw4n1sch23
MD5

0d6f90b686dd1a079b2bd6e1f9d51771
SHA1

d58fe7ac7ed5cb5e8180f15f5033c1a311a57304
SHA256

72ab332da034bd819d83d26272974048b24de773a3440d641202872161b3e514
SHA512

2db3214d0eb6842b41f0b5ebf38641aeb2bdc41412ead735afd2b3c41c7d50e1f3579697f474f8ac1db6dce92230f234eeb7b21c9fbdb39e76c9a89e99f83ed2
SSDEEP

768:E4fK1pDGkptwyZScCBSUapNgqlGU/kZl+Bcg4tlTF5926O9hhSURx:sDGkptwyZScCkU4rAUsZcB54HF5926OR

Score

10^/10

xworm rat trojan

Malware Config

Extracted

Family

xworm

C2

dapperdesigns.for-better.biz:7000

Mutex

js7UGepRWuxCe9zF

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  72ab332da034bd819d83d26272974048b24de773a3440d641202872161b3e514exe_JC.exe
- Size
  
  33KB
- MD5
  
  0d6f90b686dd1a079b2bd6e1f9d51771
- SHA1
  
  d58fe7ac7ed5cb5e8180f15f5033c1a311a57304
- SHA256
  
  72ab332da034bd819d83d26272974048b24de773a3440d641202872161b3e514
- SHA512
  
  2db3214d0eb6842b41f0b5ebf38641aeb2bdc41412ead735afd2b3c41c7d50e1f3579697f474f8ac1db6dce92230f234eeb7b21c9fbdb39e76c9a89e99f83ed2
- SSDEEP
  
  768:E4fK1pDGkptwyZScCBSUapNgqlGU/kZl+Bcg4tlTF5926O9hhSURx:sDGkptwyZScCkU4rAUsZcB54HF5926OR
Score

10^/10

xworm rat trojan
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2