xworm | 22aa8b082af7d4a7401d2bf5aed386cf48c072d1d909d636d367ccdf1a8bd765 | Triage

Submit
Reports

Overview

overview

Static

static

XClient.exe

windows7-x64

XClient.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

XClient.exe
Size

37KB
Sample

240129-r2q6jsdefn
MD5

a74444f4565c1ac3821700e5363c1422
SHA1

79b7cdec0ae6228cfd59f7d4b2c4e16b5ad612b5
SHA256

22aa8b082af7d4a7401d2bf5aed386cf48c072d1d909d636d367ccdf1a8bd765
SHA512

b4e04791461c5c9fe9dfea777b7e98e29daafd383db318743fa024b04d3604ba78e719e9255ac26ee07996732bbded46a23be0baa90ece8594cafe4d577f1d52
SSDEEP

384:lE2NMUua+vNu/3ZNxASEbljRNhLuqNTYvFrBHBs+iAfApkFCBLTsOZwpGN2v99IB:Sa+vNIFEZTN7NUvBBf3Fv9LRHOBhX9

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XClient.exe

Resource

win7-20231215-en

xworm rat trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

XClient.exe

Resource

win10v2004-20231215-en

xworm rat trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

172.29.44.9:3389

Mutex

YHZ42LUDmfRouYyX

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XClient.exe
- Size
  
  37KB
- MD5
  
  a74444f4565c1ac3821700e5363c1422
- SHA1
  
  79b7cdec0ae6228cfd59f7d4b2c4e16b5ad612b5
- SHA256
  
  22aa8b082af7d4a7401d2bf5aed386cf48c072d1d909d636d367ccdf1a8bd765
- SHA512
  
  b4e04791461c5c9fe9dfea777b7e98e29daafd383db318743fa024b04d3604ba78e719e9255ac26ee07996732bbded46a23be0baa90ece8594cafe4d577f1d52
- SSDEEP
  
  384:lE2NMUua+vNu/3ZNxASEbljRNhLuqNTYvFrBHBs+iAfApkFCBLTsOZwpGN2v99IB:Sa+vNIFEZTN7NUvBBf3Fv9LRHOBhX9
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy