xworm | c7432706814d6536d4d4ced016274883a81d79fd18a85d7af1d54f690d4fe4bc | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

Project.No...er.exe

windows11-21h2-x64

Sharing

General

Target

Project.Nova.Manager.exe
Size

257KB
Sample

240128-18jjqacghp
MD5

26eb1cb8c1151f6f6c9896bc1e866d55
SHA1

3aa45f36911679e61e0eab7742c07868da6347ad
SHA256

c7432706814d6536d4d4ced016274883a81d79fd18a85d7af1d54f690d4fe4bc
SHA512

95f0d1b79d3455b55912a3e4ef87dada9473f13546b967f112eb4c8ac7f34c5cc5089f6f6b2ebe2c7f35dee42b40033b2872f087e48901202d5f6e0db6cc0473
SSDEEP

6144:iSncRl9e39cQpsO4jajCIvpe/ZNQZuhfLguQ00KHTl:P4TJjJIkhCP27H

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Project.Nova.Manager.exe

Resource

win11-20231222-en

xworm rat trojan

windows11-21h2-x64

2 signatures

1800 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

Mutex

O0ZX0px0G0o1uOFK

Attributes

Install_directory
%ProgramData%
install_file
$77svchost.exe
telegram
https://api.telegram.org/bot6094198209:AAGtbuJi6hBqVBpkxn3UzVsVOtCJjMn1cjE

aes.plain

Targets

- Target
  
  Project.Nova.Manager.exe
- Size
  
  257KB
- MD5
  
  26eb1cb8c1151f6f6c9896bc1e866d55
- SHA1
  
  3aa45f36911679e61e0eab7742c07868da6347ad
- SHA256
  
  c7432706814d6536d4d4ced016274883a81d79fd18a85d7af1d54f690d4fe4bc
- SHA512
  
  95f0d1b79d3455b55912a3e4ef87dada9473f13546b967f112eb4c8ac7f34c5cc5089f6f6b2ebe2c7f35dee42b40033b2872f087e48901202d5f6e0db6cc0473
- SSDEEP
  
  6144:iSncRl9e39cQpsO4jajCIvpe/ZNQZuhfLguQ00KHTl:P4TJjJIkhCP27H
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy