xworm | e942b259d8288d08b40f32da5ae64d3248279996c163e373306b26b959cf97fa | Triage

Submit
Reports

Overview

overview

Static

static

83b91f0981...52.exe

windows7-x64

83b91f0981...52.exe

windows10-2004-x64

Sharing

General

Target

12b9fd9acbc1ad0d11ea58a6930f119c.bin
Size

34KB
Sample

231008-bgr94shb5y
MD5

de516b715012928bac09fe1895d462c1
SHA1

85472ddf7a36c98a47abc4347cd7a086fe5319a2
SHA256

e942b259d8288d08b40f32da5ae64d3248279996c163e373306b26b959cf97fa
SHA512

7cce8cc272ff11572fed383d51762c241511d1a3ebfd3fd22553f650e492960ce23f0c089aa9612aa87d7dbc520effcfd73f91cdb484a67895bfd60197e0ec2f
SSDEEP

768:kWxPCeRl1h2jINQniqdjlskzJMxTWVX8/pUqb5L1xSYfrr9yf:DCeRDh2jaQiksQMy8RUGQorpyf

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

83b91f098157b5ba0147972c1d5c4d751d66fc59d7645e2e643ce863101f6d52.exe

Resource

win7-20230831-en

xworm rat trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

83b91f098157b5ba0147972c1d5c4d751d66fc59d7645e2e643ce863101f6d52.exe

Resource

win10v2004-20230915-en

xworm rat trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.1

C2

serverwindor.duckdns.org:5000

Attributes

install_file
USB.exe

Targets

- Target
  
  83b91f098157b5ba0147972c1d5c4d751d66fc59d7645e2e643ce863101f6d52.exe
- Size
  
  56KB
- MD5
  
  12b9fd9acbc1ad0d11ea58a6930f119c
- SHA1
  
  87bb96efa520bdeea7cbee4559336610bc74d4f5
- SHA256
  
  83b91f098157b5ba0147972c1d5c4d751d66fc59d7645e2e643ce863101f6d52
- SHA512
  
  36fe4456888c98f277086984d3145c9d588fffebe4f781c40d6a8de763817dfdf6c2662ce406839f4b0511bf934d6a6091fb1f25465fe262590f5c6d30b400d6
- SSDEEP
  
  768:yq2y5DshJuRXXjnfdD5ZjKo0o/aptgEbyQwFMCDaYJ0Y5sALNApOoghJIFlJhZxE:lM2HjzZuoPaxbyQwFX+uGpOXv4/BK
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy