xworm | b284e4f4047ec04542fc1a2c87d779229f5ad4ab6c4e02d7f0ff6806df8a4563 | Triage

Submit
Reports

Overview

overview

Static

static

46f16261cc...b9.exe

windows7-x64

46f16261cc...b9.exe

windows10-2004-x64

Sharing

General

Target

b284e4f4047ec04542fc1a2c87d779229f5ad4ab6c4e02d7f0ff6806df8a4563
Size

37KB
Sample

240419-wy26vsbg92
MD5

681b966993378a2b076e6172eaf2f58f
SHA1

256638249e7379fce7efcd398398da346d3502aa
SHA256

b284e4f4047ec04542fc1a2c87d779229f5ad4ab6c4e02d7f0ff6806df8a4563
SHA512

460f490812855c75035ac4ed047f5019fb2dc4b620c5317348e5aabd0ab0ff03d185b6f081809c78a1ef044bbc06b2c6c8b628266e8918ebae1c98cd94ab447c
SSDEEP

768:ydN5LbMmQ9lS532hD9obM8EOb4xqf/vrlQz33qRcLWROM8uEQVIevD4w:yRO9lC3+KQ8J4wfLCeRcLoE0LN

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

46f16261cc1ad6d2975a966ad97ef1752027e67795333a27ed01353d688317b9.exe

Resource

win7-20240220-en

xworm rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

46f16261cc1ad6d2975a966ad97ef1752027e67795333a27ed01353d688317b9.exe

Resource

win10v2004-20240412-en

xworm rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.0

C2

venom.giize.com:46876

Attributes

Install_directory
%LocalAppData%
install_file
USB.exe

Targets

- Target
  
  46f16261cc1ad6d2975a966ad97ef1752027e67795333a27ed01353d688317b9
- Size
  
  62KB
- MD5
  
  664239722df2540dc9383696b7ded567
- SHA1
  
  f9d7fa86edc0a189a1e281b01d30613dcce58e53
- SHA256
  
  46f16261cc1ad6d2975a966ad97ef1752027e67795333a27ed01353d688317b9
- SHA512
  
  26521e23f3d2c7f5533577611dec88a9f5d06b6bdc34fdfe5cd2f83c60b8c878938aa452c1d54a46d04e7b17cd1d3533dae028b1b226aaad2ec3f50b8e24bf3e
- SSDEEP
  
  1536:XxKtcSMzgqpjqM0vGT+Xab1ZwetHvt+tlRgOp97P:hGMz5jqM0uT+Xab1t5t+toOp97P
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy