xworm | 245be3c9fda90098752249339dc4a9d2d5f6bdd5aec6b90dbe3db6c297109829 | Triage

Submit
Reports

Overview

overview

Static

static

Windowstemp32.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

Windowstemp32.exe
Size

30KB
Sample

230807-t34t5shf9s
MD5

a842900fcdfdefc046228ecd36e89535
SHA1

b680903a68629dbc661c370e21c82648db641968
SHA256

245be3c9fda90098752249339dc4a9d2d5f6bdd5aec6b90dbe3db6c297109829
SHA512

7cab3bc5777f0e8e28e40756bbb801d374f8982d75d448fd1c3147e2731d14ab35ac1ae26f349fa788e02a010c62e00689b4ab8362eeb6771f78bd6d33f638d8
SSDEEP

768:4Fx7s4EQu1YETDUAsbBFR9RYsOqhxb066:ix7b3AsFFR9RYsOqHb

Score

10^/10

xworm rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Windowstemp32.exe

Resource

win10v2004-20230703-en

xworm rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

mm-certain.gl.at.ply.gg:18828

Mutex

PzeBrkDbAQT6aLIC

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  Windowstemp32.exe
- Size
  
  30KB
- MD5
  
  a842900fcdfdefc046228ecd36e89535
- SHA1
  
  b680903a68629dbc661c370e21c82648db641968
- SHA256
  
  245be3c9fda90098752249339dc4a9d2d5f6bdd5aec6b90dbe3db6c297109829
- SHA512
  
  7cab3bc5777f0e8e28e40756bbb801d374f8982d75d448fd1c3147e2731d14ab35ac1ae26f349fa788e02a010c62e00689b4ab8362eeb6771f78bd6d33f638d8
- SSDEEP
  
  768:4Fx7s4EQu1YETDUAsbBFR9RYsOqhxb066:ix7b3AsFFR9RYsOqHb
Score

10^/10

xworm rat trojan
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy