xworm | b3be72938bd23fe344ca129929f942dfe44306f5f312ffa987a773b35c8f74c9 | Triage

Submit
Reports

Overview

overview

Static

static

f116d37277...98.exe

windows7-x64

f116d37277...98.exe

windows10-2004-x64

Sharing

General

Target

b3be72938bd23fe344ca129929f942dfe44306f5f312ffa987a773b35c8f74c9
Size

34KB
Sample

240419-vpdlgaab73
MD5

4ec1a390554865444859f08562ba57eb
SHA1

4f26046db6362f6c41c38d02e18d7d7ef0d8f45e
SHA256

b3be72938bd23fe344ca129929f942dfe44306f5f312ffa987a773b35c8f74c9
SHA512

bad20a2bddaa84b53671db9cd24ddecda020a00d67e8f4ad586101f0530ba18db7c246162dd684fbbe4f8fa479bc25b9b09a33c2b0d0bb2374c68e3df832332e
SSDEEP

768:fUYbFTT4U5sa5hd0afYFThJ2TFbO0fLZR6CCaOS8jie+:fUYhTT42sa5EagFT3b0zuCxYjU

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f116d37277079d2fc5ed92a6c3a74ddc4a19e46b59cc2fbc4999f3aa6e979198.exe

Resource

win7-20240221-en

xworm rat trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

f116d37277079d2fc5ed92a6c3a74ddc4a19e46b59cc2fbc4999f3aa6e979198.exe

Resource

win10v2004-20240412-en

xworm rat trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

rdm.accesscam.org:5999

Attributes

install_file
USB.exe

Targets

- Target
  
  f116d37277079d2fc5ed92a6c3a74ddc4a19e46b59cc2fbc4999f3aa6e979198.exe
- Size
  
  56KB
- MD5
  
  4b9ca09632e1dc3ba0fcf5fcc494677a
- SHA1
  
  10a3e8227977f39d2c87d8d376e05e2625691f99
- SHA256
  
  f116d37277079d2fc5ed92a6c3a74ddc4a19e46b59cc2fbc4999f3aa6e979198
- SHA512
  
  faea149f2276d6c584e5dcb2e9c792c474b3c1483e64514074c4a034e59f568391a587b2fc473c926d99ce8a8f9156125630c672f7c8c2f51993816298e390a4
- SSDEEP
  
  1536:vhI2U6se+5EgM1zBrRkbTnOxi4O5WoOMls:vAVEgM1zhRkbTNhOMS
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy