3083471838ca2c7f5c63ffde807c0cf2be168ec3c41c13eb80c49224bf7473c6 | Triage

Submit
Reports

Overview

overview

Static

static

xw/Fixer.bat

windows10-2004-x64

1

xw/NAudio.dll

windows10-2004-x64

1

xw/Plugins...ws.dll

windows10-2004-x64

1

xw/Plugins...ne.dll

windows10-2004-x64

1

xw/Plugins/Chat.dll

windows10-2004-x64

1

xw/Plugins...er.dll

windows10-2004-x64

1

xw/Plugins/HRDP.dll

windows10-2004-x64

1

xw/Plugins/HVNC.dll

windows10-2004-x64

1

xw/Plugins...ns.dll

windows10-2004-x64

1

xw/Plugins...sk.dll

windows10-2004-x64

1

xw/Plugins...ns.dll

windows10-2004-x64

1

xw/Plugins...me.dll

windows10-2004-x64

1

xw/Plugins...ce.dll

windows10-2004-x64

1

xw/Plugins...er.dll

windows10-2004-x64

1

xw/Plugins...ms.dll

windows10-2004-x64

1

xw/Plugins...re.dll

windows10-2004-x64

1

xw/Plugins...ry.dll

windows10-2004-x64

1

xw/Plugins...it.dll

windows10-2004-x64

1

xw/Plugins...op.dll

windows10-2004-x64

1

xw/Plugins...xy.dll

windows10-2004-x64

1

xw/Plugins/RunPE.dll

windows10-2004-x64

1

xw/Plugins/Shell.dll

windows10-2004-x64

1

xw/Plugins...er.dll

windows10-2004-x64

1

xw/Plugins...ns.dll

windows10-2004-x64

1

xw/Plugins...ss.dll

windows10-2004-x64

1

xw/Plugins...er.dll

windows10-2004-x64

1

xw/Plugins/WSound.dll

windows10-2004-x64

1

xw/Plugins/WebCam.dll

windows10-2004-x64

1

xw/SimpleO...or.dll

windows10-2004-x64

1

xw/XWorm V...w5.exe

windows10-2004-x64

1

xw/build.exe

windows10-2004-x64

Analysis

max time kernel
60s
max time network
67s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
28-08-2023 14:33

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

xw/Fixer.bat

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral2

Sample

xw/NAudio.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral3

Sample

xw/Plugins/ActiveWindows.dll

Resource

win10v2004-20230824-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral4

Sample

xw/Plugins/All-In-One.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral5

Sample

xw/Plugins/Chat.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral6

Sample

xw/Plugins/FileSeacher.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral7

Sample

xw/Plugins/HRDP.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral8

Sample

xw/Plugins/HVNC.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral9

Sample

xw/Plugins/Informations.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral10

Sample

xw/Plugins/Ngrok-Disk.dll

Resource

win10v2004-20230824-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral11

Sample

xw/Plugins/Options.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral12

Sample

xw/Plugins/Pastime.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral13

Sample

xw/Plugins/Performance.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral14

Sample

xw/Plugins/ProcessManager.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral15

Sample

xw/Plugins/Programs.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral16

Sample

xw/Plugins/Ransomware.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral17

Sample

xw/Plugins/Recovery.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral18

Sample

xw/Plugins/Regedit.dll

Resource

win10v2004-20230824-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral19

Sample

xw/Plugins/RemoteDesktop.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral20

Sample

xw/Plugins/ReverseProxy.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral21

Sample

xw/Plugins/RunPE.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral22

Sample

xw/Plugins/Shell.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral23

Sample

xw/Plugins/StartupManager.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral24

Sample

xw/Plugins/TCPConnections.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral25

Sample

xw/Plugins/UACBypass.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral26

Sample

xw/Plugins/VB.NET Compiler.dll

Resource

win10v2004-20230824-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral27

Sample

xw/Plugins/WSound.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral28

Sample

xw/Plugins/WebCam.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral29

Sample

xw/SimpleObfuscator.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral30

Sample

xw/XWorm V3.0- Crk by glfw5.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

60 seconds

Behavioral task

behavioral31

Sample

xw/build.exe

Resource

win10v2004-20230703-en

xworm evasion persistence rat trojan upx

windows10-2004-x64

17 signatures

60 seconds

Report Analysis Logs

General

Target

xw/Plugins/Options.dll
Size

29KB
MD5

90a1c5c0d1cd88b6fe390278c93c4530
SHA1

b4bec20a1c53e8255518505709a8947dcf7e13aa
SHA256

035f48b413cf328ddf2bada1b6afd5698f9b8cddf2bcc0187a97629f1063c042
SHA512

ade19d4160bee947a0df9b5bc0ecb4976c1e4ba848e9360b978429fd94aa39a00016107d3daefdc795e45bcb3717c9673fdc543ef544b3e11d92ecfc473c71e8
SSDEEP

768:01fYFYWjF84UGEm3uGIKxbF/OfUs5Rd794kv:YfYFYWjUm3uabF/1s5Rd79R

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\xw\Plugins\Options.dll,#1
1⤵
PID:4552

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy