xworm | 2504752b964f0cca95803fab3e9af22d99639ec199a1d5f58618eec156d4f69a | Triage

Submit
Reports

Overview

overview

Static

static

3

payload.dll

windows10-1703-x64

Resubmissions

17/08/2023, 13:22

230817-ql8j8ahe52 10

16/08/2023, 12:30

230816-ppmaqacf2z 3

Sharing

Copy URL Twitter E-mail

General

Target

19e15e0514d4837c6b8354f71788f94f.zip
Size

160KB
Sample

230817-ql8j8ahe52
MD5

19e15e0514d4837c6b8354f71788f94f
SHA1

dcafc2511109c57135d62f7b6e44e7f02cb48274
SHA256

2504752b964f0cca95803fab3e9af22d99639ec199a1d5f58618eec156d4f69a
SHA512

325c80bd2f217024c42c2363b5200955c948b1a4ab64ef5b7d3cb22afd98e5c695d46133afdcdba4e633c1ca93ec4fa5c7a417b497163227c88601eada4b5098
SSDEEP

3072:jN114nPDQv6ZRDI3El/tZrBJoZNZd6+C8NIWAZ5eG7vSTyKrsCVlYZ2zIwYanku5:jr1oQARwEl/jVJoZNZnC8iqG7vSuklVT

Score

10^/10

xworm rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

payload.dll

Resource

win10-20230703-en

xworm rat trojan

windows10-1703-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

churchxx.ddns.net:7000

Mutex

mY7gFhCy5a7coxxw

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  payload.dll
- Size
  
  274KB
- MD5
  
  aa9991d405f0742d592ca9a3c193a931
- SHA1
  
  5c982ab423e2bd44628e8477a571cfee17e554b5
- SHA256
  
  fcf532d6bfb6e1c5707b341f7a7ef6f7ee09003f6d4314064ab69d89403acc09
- SHA512
  
  fc5b4ec671aaf2cc1ede2172bc6ddf5efabad26aca5df86f53f591277f52a1e552cb68d20a4165042d5263b34b954e64e20f9f4f6d04f769de3189e9bc4f852f
- SSDEEP
  
  6144:MZQUlCQzPuc3QqCjXvvGio1TAXaDuGsFVncn:QjlCO5gnrvroCaDuGs/
Score

10^/10

xworm rat trojan
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy