xworm | 3c7bd4fc2dbce2b91b4f05abce2e4ad0809c62d452432cb06f6bad55fc04c4d1 | Triage

Submit
Reports

Overview

overview

Static

static

3

SFX.exe

windows7-x64

Sharing

General

Target

SFX.exe
Size

3.6MB
Sample

230826-sppydsdc8z
MD5

645235b9ddb0045556c55cd47773bef1
SHA1

db55a92f67fe795b79f2232c41a2f6ebcb4e868c
SHA256

3c7bd4fc2dbce2b91b4f05abce2e4ad0809c62d452432cb06f6bad55fc04c4d1
SHA512

88fa25af846bd621859663745a9ab5aa1cdfe4af5d23a50a6ef41da38aa2dedb34d88e2e51d840824525e01199015589245bd867712d735ed8463541c9f9b24e
SSDEEP

98304:20ilsDX8etMPDi7WCM1LCvZhigmovxZ0kZt:Mq76PDiiC8CvZNzFr

Score

10^/10

xworm rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SFX.exe

Resource

win7-20230712-en

xworm rat trojan

windows7-x64

12 signatures

1200 seconds

Malware Config

Extracted

Family

xworm

C2

classic-lovers.at.ply.gg:11647

Attributes

install_file
avp.exe

Targets

- Target
  
  SFX.exe
- Size
  
  3.6MB
- MD5
  
  645235b9ddb0045556c55cd47773bef1
- SHA1
  
  db55a92f67fe795b79f2232c41a2f6ebcb4e868c
- SHA256
  
  3c7bd4fc2dbce2b91b4f05abce2e4ad0809c62d452432cb06f6bad55fc04c4d1
- SHA512
  
  88fa25af846bd621859663745a9ab5aa1cdfe4af5d23a50a6ef41da38aa2dedb34d88e2e51d840824525e01199015589245bd867712d735ed8463541c9f9b24e
- SSDEEP
  
  98304:20ilsDX8etMPDi7WCM1LCvZhigmovxZ0kZt:Mq76PDiiC8CvZNzFr
Score

10^/10

xworm rat trojan
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy