xworm | 30e9d6da81c87ab58d9575188664de49b2c434f6b1346a2a5033b49992254464 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

payload.dll

windows7-x64

1

payload.dll

windows10-2004-x64

Sharing

General

Target

payload.zip
Size

519KB
Sample

231013-dgs8hsde72
MD5

14711210c0f7e1bd9af1f8dcf1c41f35
SHA1

4a48a0793671a0ad805b336e0e83268432f34d06
SHA256

30e9d6da81c87ab58d9575188664de49b2c434f6b1346a2a5033b49992254464
SHA512

1e684a6edff2bc87dfa6d2b66c50c9f5f5951a98c0ec39e89874347d4e2b0d26487441c4a163ca1d1b5a0633235e40dab1ac2876f326d291262869ad9f428fa7
SSDEEP

3072:gqaeEOk3gWdflsgC72aemzez6mTTEQOPM5TfL+E9waiWdsokN1cx24dG4mmjyVcT:gkBQgWp3emTuPqCESIdsfPcxLJ5xRsTm

Score

10^/10

xworm rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

payload.dll

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

payload.dll

Resource

win10v2004-20230915-en

xworm rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.1

C2

mikexwormxxxyy.ddns.net:7000

Mutex

ir1SigksGA3TjceN

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  payload.dll
- Size
  
  300.0MB
- MD5
  
  3ba404b551a241dfb984735c87622741
- SHA1
  
  1b2a4cbdacf4f33c8f863d557744bb18ba8485f6
- SHA256
  
  b4717d4c65dc8d69d33ac0dc7d3f7608637a420cd3454f4eec0a2238d83327d4
- SHA512
  
  3ec6d0ab748c0920d42def7e722847fefc6466142f8221589d14111311726ceb015f0ef60bb4bc8b086f5e6cd5073e6c8a2fb4f8dd8003121c5216a944430b21
- SSDEEP
  
  6144:iA+z1A+PNVjAyk6GEmmF/aKCH+MuzMy4:mAGkbFt+
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy