xworm | 73b1d875cd4951aa194194f5140dbc8ac11b3814c6fcb30ab4a0a623cc607101 | Triage

Submit
Reports

Overview

overview

Static

static

CommandX.exe

windows7-x64

CommandX.exe

windows10-2004-x64

Sharing

General

Target

CommandX.exe
Size

59KB
Sample

240420-vtdf9sdd95
MD5

d20dbb6cb7746cf235eb4e9121954ee3
SHA1

eff34ddaa81c20f4794edc1ef339adce0b57a1e7
SHA256

73b1d875cd4951aa194194f5140dbc8ac11b3814c6fcb30ab4a0a623cc607101
SHA512

6de89b3bd94031f0cad401d722dcdff13c8690ecc429a87e087e09ba4acd914fe003f0d79115aa99c01da345e7042c79dfa1b16f323717a0d8e01d9aedef09bf
SSDEEP

768:eMUgff8OvL+FVtpLq1TLxxoYWTzRrgVhP+bmrV6GebiLLRzO8rjh+LjTyuZ:0gffnqjt0nxxoYSxY+bmrVwolO20fnZ

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

CommandX.exe

Resource

win7-20231129-en

xworm rat trojan

windows7-x64

5 signatures

1800 seconds

Behavioral task

behavioral2

Sample

CommandX.exe

Resource

win10v2004-20240412-en

xworm rat trojan

windows10-2004-x64

5 signatures

1800 seconds

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:7000

Attributes

install_file
USB.exe

Targets

- Target
  
  CommandX.exe
- Size
  
  59KB
- MD5
  
  d20dbb6cb7746cf235eb4e9121954ee3
- SHA1
  
  eff34ddaa81c20f4794edc1ef339adce0b57a1e7
- SHA256
  
  73b1d875cd4951aa194194f5140dbc8ac11b3814c6fcb30ab4a0a623cc607101
- SHA512
  
  6de89b3bd94031f0cad401d722dcdff13c8690ecc429a87e087e09ba4acd914fe003f0d79115aa99c01da345e7042c79dfa1b16f323717a0d8e01d9aedef09bf
- SSDEEP
  
  768:eMUgff8OvL+FVtpLq1TLxxoYWTzRrgVhP+bmrV6GebiLLRzO8rjh+LjTyuZ:0gffnqjt0nxxoYSxY+bmrVwolO20fnZ
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy