xworm | 257a7c749dcad791ffcdcb1a34b5173c94cba699d2f917c3b8103fb8753fe7d6 | Triage

Submit
Reports

Overview

overview

Static

static

f35235d35e...64.exe

windows7-x64

f35235d35e...64.exe

windows10-2004-x64

Sharing

General

Target

257a7c749dcad791ffcdcb1a34b5173c94cba699d2f917c3b8103fb8753fe7d6
Size

20KB
Sample

240419-vpbf4sba41
MD5

f25e38434ef9ec457447634581acb6d2
SHA1

564bd7b229adc03d9809d768d90442c5fec3b816
SHA256

257a7c749dcad791ffcdcb1a34b5173c94cba699d2f917c3b8103fb8753fe7d6
SHA512

7f9e87d73f049e55f59f6df8636d5a4e70ae550257a3eb22d47db3b8672388c8b6b4b66146c161a67198a7cdfb83b2d07ad0d1f6700b385ff10671643529d022
SSDEEP

384:Bpfi09//gRK7z/jc2zHaVoAf4Xwv7avx+wzjKDqNQ3TIO:BpqVKP/jce93Xwvmvx+wHKIQ3TIO

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f35235d35e19f8aa40812628b7f99836655ff553ef2baed436aefb3948a1eb64.exe

Resource

win7-20240221-en

xworm rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f35235d35e19f8aa40812628b7f99836655ff553ef2baed436aefb3948a1eb64.exe

Resource

win10v2004-20240412-en

xworm rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

146.190.57.132:7000

Mutex

pmpnRm4B5OQHJlSS

Attributes

install_file
USB.exe
telegram
https://api.telegram.org/bot6491699241:AAEzWMqxLHLa_DADVhFrtpk__NqYBpyS7tI/sendMessage?chat_id=6432387334

aes.plain

Targets

- Target
  
  f35235d35e19f8aa40812628b7f99836655ff553ef2baed436aefb3948a1eb64.exe
- Size
  
  41KB
- MD5
  
  73210e19a15b4d0e48934a721c60c0d9
- SHA1
  
  2542030af413a757ee39e86475af8b1f8af34dc3
- SHA256
  
  f35235d35e19f8aa40812628b7f99836655ff553ef2baed436aefb3948a1eb64
- SHA512
  
  d568665f0860735981920f27d819b9f694fb134e36d74d68254ba930331010b9f300829a525e449cb871ba52ca34131fb54a038aa708722da455cd98b8f6620b
- SSDEEP
  
  768:ShSVEHJAu6bIID7qRF3h9h0lO+h65iUm:ZVEp17I8Fx9hAO+wVm
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy