xworm | b25585ff65dc06a05a82635f8162c592cf35cc789e7a4c805c0c5dd348797b49 | Triage

Submit
Reports

Overview

overview

Static

static

4c80886612...3d.exe

windows7-x64

4c80886612...3d.exe

windows10-2004-x64

Sharing

General

Target

b25585ff65dc06a05a82635f8162c592cf35cc789e7a4c805c0c5dd348797b49
Size

16KB
Sample

240419-vn7g6aba4t
MD5

9767212506f9fa1c194b40e7d46bc590
SHA1

1f51f5a9886ff3cfde0a3e375a601be03b0cdb5a
SHA256

b25585ff65dc06a05a82635f8162c592cf35cc789e7a4c805c0c5dd348797b49
SHA512

ea163a7ed1c77c6ce1ee6cb0a83c1bdc90a34b5fe4b865cfa0ccbe227b9eb2084c2b5bd698161d5b32b84996c1a4f51ebbf4392629451b3a84813d861dbe6782
SSDEEP

384:gJqZfIzrXo9+4hvTPh6Db83QZ7f+ufDB4QEgr:gEZf4rrst3Nuft

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

4c8088661259a41032568d840aaa591aff00751c6b4fff74b0aa4751e7ab0b3d.exe

Resource

win7-20240221-en

xworm rat trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

4c8088661259a41032568d840aaa591aff00751c6b4fff74b0aa4751e7ab0b3d.exe

Resource

win10v2004-20240226-en

xworm rat trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

45.138.16.125:7000

Mutex

i6tci9ARV52IqCB2

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  4c8088661259a41032568d840aaa591aff00751c6b4fff74b0aa4751e7ab0b3d.exe
- Size
  
  33KB
- MD5
  
  b5f31bb0c6d46adc2efa738c1485032c
- SHA1
  
  12fc967f395e965b3b2d2776bf1913680bdfeaa5
- SHA256
  
  4c8088661259a41032568d840aaa591aff00751c6b4fff74b0aa4751e7ab0b3d
- SHA512
  
  e9037e8216a60a73130596f627d9ddf1a39af9dca6597b629b83723dc501858ec5688dc35c54eeb52421bf63ffc311130d5cb7e28e628169550c5bc2ab81fb05
- SSDEEP
  
  384:+E8PQ9Ba+vNuntf98d6ILj7CM42pfL3iB7OxVqWlKRApkFXBLTsOZwpGN2v99IkP:IUa+vNohsXn42JiB70qVF49j0OjhCby
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy