xworm | 26ad2e3f7bae463a2ca610e733977148b49627aeaa070c543179544a1a26557c | Triage

Submit
Reports

Overview

overview

Static

static

notrat.exe

windows10-1703-x64

notrat.exe

windows11-21h2-x64

Sharing

General

Target

notrat.exe
Size

51KB
Sample

240224-xl4plabf26
MD5

5ec8aa999dbe61e15500812a06f678f1
SHA1

8882c4d620eae217e9dbab539811c336f1cc0d59
SHA256

26ad2e3f7bae463a2ca610e733977148b49627aeaa070c543179544a1a26557c
SHA512

a5503f857fabd846b5d7d6f7e9771ad634d402846e4cf12d6c28a6d2845c3787030d7a3cfc8d48aa2dced16d1bc6c7e57394905a27ed70b57943d7dd2cbd57cf
SSDEEP

768:FKpjk78AwHS20x6/fXYnQpvEqBaBK/kbNZJgQCy36/8WzOUh6Mo4HD:Ypw8yMfXYQsqBaB+kbNZJT6/JzOUPj

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

notrat.exe

Resource

win10-20240221-en

xworm rat trojan

windows10-1703-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

notrat.exe

Resource

win11-20240221-en

xworm rat trojan

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  notrat.exe
- Size
  
  51KB
- MD5
  
  5ec8aa999dbe61e15500812a06f678f1
- SHA1
  
  8882c4d620eae217e9dbab539811c336f1cc0d59
- SHA256
  
  26ad2e3f7bae463a2ca610e733977148b49627aeaa070c543179544a1a26557c
- SHA512
  
  a5503f857fabd846b5d7d6f7e9771ad634d402846e4cf12d6c28a6d2845c3787030d7a3cfc8d48aa2dced16d1bc6c7e57394905a27ed70b57943d7dd2cbd57cf
- SSDEEP
  
  768:FKpjk78AwHS20x6/fXYnQpvEqBaBK/kbNZJgQCy36/8WzOUh6Mo4HD:Ypw8yMfXYQsqBaB+kbNZJT6/JzOUPj
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy