xworm | 44918becfdb707e509e59491ffe33460fac7fccfe7873e83b56ae9e1fa83b9ff | Triage

Submit
Reports

Overview

overview

Static

static

3

load.exe

windows7-x64

1

load.exe

windows10-2004-x64

Sharing

General

Target

15907f8b3e3af17b68e1d45a95eef02e.bin
Size

223KB
Sample

231012-vtrnwsdf4v
MD5

e9ce1750aa863a33fa55602d138476e5
SHA1

b40d8eb3ffe05e3d033c02996609153a0dba0db3
SHA256

44918becfdb707e509e59491ffe33460fac7fccfe7873e83b56ae9e1fa83b9ff
SHA512

b8fd1a1afe73695dbe659a03266f4a20012d35c986b4a75672efd061420da7bbe24d75a59271313ad6edca4f8e5c35816cf78995d3e4df2eb3fbe8b2f1fefe3d
SSDEEP

3072:hF4ThIj31mSZfID3zs4TbUN3S1GIxIRfLrTbHwDIKgV2pXvGvBYKvg0F:hF4ThIj3fZ2jpbuCYImRjrvHEXYBrv5

Score

10^/10

xworm rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

load.exe

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

load.exe

Resource

win10v2004-20230915-en

xworm rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.1

C2

freshinxworm.ddns.net:7000

Mutex

pX3t5E93mWOIWMg1

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  load.exe.exe
- Size
  
  2.0MB
- MD5
  
  b1c405577c64cb91aceae1beeec5a6cf
- SHA1
  
  ba1a03540f1cbe62ceb6523093a288682380d5ee
- SHA256
  
  036db747914ccb896aa34f6c58f9f7b2343fb031c2fef98558925526941ad74b
- SHA512
  
  cecfb576bf878d7ba27d64cda129894daa84bfce99dd30e66e77af877e64d24c6cf427b31f5e5196a6a6bf778a5b5ad38d7505034c9109b26283a49becc061d7
- SSDEEP
  
  6144:1A8BdXQQd50VIfoEWlvf4Dxqa0aeytsnHCH5:DXv1VWlX43tw
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy