xworm | d8ac02467508302227e7e7904f17a78c60a72ef5ae7bd3b8e89ee60b1dd8dcfd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Minecraft Titan Launcher 3.8.4.zip
Size

3.8MB
Sample

231010-g99mrabe81
MD5

07aa7461ea3abfe48ac5eb698e7acd14
SHA1

d93bc1c98fe0adbbbdb5b493070a7c3ae792262a
SHA256

d8ac02467508302227e7e7904f17a78c60a72ef5ae7bd3b8e89ee60b1dd8dcfd
SHA512

b7859082bf118fdde99aac145e03da20b4c7fd299453e5d7416d45474868d5d56ddd100772e75c7300a56002ae01b30732d271cc7b95251901a90025ec85a7f5
SSDEEP

98304:UHza+jTgocrZuS3Mca0N9X505zMLz/QZm1/tyl8s:Egvh8aN305zMX/tt4h

Score

10^/10

xworm evasion rat trojan

Malware Config

Targets

- Target
  
  Minecraft Titan Launcher 3.8.4.exe
- Size
  
  4.4MB
- MD5
  
  62da1cde5869df964fc628ab9d226fb4
- SHA1
  
  6b4ebcd1685180d4e4477f5a7e9c36138e2e9aed
- SHA256
  
  51a8d363bee48c41e89fc5ff6b9659d93d9521d94b824df9cf907588c2246f44
- SHA512
  
  d29dc55c6ef957e624f445ca746db1e0bc4ba543df6e4aea4dc2f0ed8284bab80ff6268dc834722d695044cd1bb32cd6ca2086327aee22312b3d33bbd6b33d97
- SSDEEP
  
  98304:9Gz4kB1F8O+ZJpzMkqvc+tymgjSnm2Mwp3CTua:9YBcO+P2kqvchunHMwp3CTua
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2
- Target
  
  Minecraft mods.url
- Size
  
  128B
- MD5
  
  4dc95c4799f38348397919a59f4bfa12
- SHA1
  
  661a6db6ed68ada8fc82204dd6d2a54dee6d7823
- SHA256
  
  9ce6ff5d49e468fcbaca728a126745c62d3103d5ca9bd48333119caf3d9248ee
- SHA512
  
  1bd301252eacc9d16e2435e1f989fbdfbc0fdc160358a121a46a5f0470d6a02850d56786c8d0766abb0b1a22533f1f5df332d34a58fa01eaeaeac31a06a9e162
Score

1^/10
behavioral3 behavioral4
- Target
  
  Readme.url
- Size
  
  135B
- MD5
  
  8bcf81849af7c63ca744acff2b0d9545
- SHA1
  
  ee65c64b4002f3d307c4fb43d3d3ae663851119c
- SHA256
  
  4f2aa12e56e93770ece7c8fedd4a7f28a1cebf5058f916aeb56e3344e6c0d69b
- SHA512
  
  86167e3f9be70e46a7aa0e6911e17ae5e340ab12717c2cea62fc89fe0496e1f2fcbd5aa4facebd0e337d54dd415424e5ffee99ddb5c92e605aef8d382c1bd9cf
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6