05fada2e6713448dbbe9d21ebb526de06dc06e7c330288f571e929cd6f6e7e6c | Triage

Submit
Reports

Overview

overview

Static

static

XWorm V5.2...db.dll

windows10-2004-x64

1

XWorm V5.2...db.dll

windows10-2004-x64

1

XWorm V5.2...ks.dll

windows10-2004-x64

1

XWorm V5.2...il.dll

windows10-2004-x64

1

XWorm V5.2...ts.dll

windows10-2004-x64

1

XWorm V5.2...re.dll

windows10-2004-x64

1

XWorm V5.2...rs.dll

windows10-2004-x64

1

XWorm V5.2...ed.dll

windows10-2004-x64

1

XWorm V5.2...ls.dll

windows10-2004-x64

1

XWorm V5.2/NAudio.dll

windows10-2004-x64

1

XWorm V5.2...on.dll

windows10-2004-x64

1

XWorm V5.2...ws.dll

windows10-2004-x64

1

XWorm V5.2...ne.dll

windows10-2004-x64

1

XWorm V5.2...at.dll

windows10-2004-x64

1

XWorm V5.2...rd.dll

windows10-2004-x64

1

XWorm V5.2...ss.dll

windows10-2004-x64

1

XWorm V5.2...er.dll

windows10-2004-x64

1

XWorm V5.2...er.dll

windows10-2004-x64

1

XWorm V5.2...er.dll

windows10-2004-x64

1

XWorm V5.2...DP.dll

windows10-2004-x64

1

XWorm V5.2...NC.dll

windows10-2004-x64

1

XWorm V5.2...ry.dll

windows10-2004-x64

1

XWorm V5.2...ps.dll

windows10-2004-x64

1

XWorm V5.2...ns.dll

windows10-2004-x64

1

XWorm V5.2...er.dll

windows10-2004-x64

1

XWorm V5.2...ps.dll

windows10-2004-x64

1

XWorm V5.2...ox.dll

windows10-2004-x64

1

XWorm V5.2...ne.dll

windows10-2004-x64

1

XWorm V5.2...sk.dll

windows10-2004-x64

1

XWorm V5.2...ns.dll

windows10-2004-x64

1

XWorm V5.2...me.dll

windows10-2004-x64

1

XWorm V5.2...ce.dll

windows10-2004-x64

1

Analysis

max time kernel
148s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240426-uk
resource tags

arch:x64arch:x86image:win10v2004-20240426-uklocale:uk-uaos:windows10-2004-x64systemwindows
submitted
10-05-2024 13:10

Sharing

Static task

static1

agilenet agenttesla stormkitty

7 signatures

Behavioral task

behavioral1

Sample

XWorm V5.2/Mono.Cecil.Mdb.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

XWorm V5.2/Mono.Cecil.Pdb.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

XWorm V5.2/Mono.Cecil.Rocks.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

XWorm V5.2/Mono.Cecil.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

XWorm V5.2/MonoMod.Backports.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

XWorm V5.2/MonoMod.Core.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

XWorm V5.2/MonoMod.ILHelpers.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

XWorm V5.2/MonoMod.Iced.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

XWorm V5.2/MonoMod.Utils.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

XWorm V5.2/NAudio.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

XWorm V5.2/Newtonsoft.Json.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

XWorm V5.2/Plugins/ActiveWindows.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

XWorm V5.2/Plugins/All-In-One.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

XWorm V5.2/Plugins/Chat.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

XWorm V5.2/Plugins/Clipboard.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

XWorm V5.2/Plugins/Cmstp-Bypass.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

XWorm V5.2/Plugins/FileManager.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

XWorm V5.2/Plugins/FileSeacher.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

XWorm V5.2/Plugins/HBrowser.dll

Resource

win10v2004-20240226-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

XWorm V5.2/Plugins/HRDP.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

XWorm V5.2/Plugins/HVNC.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

XWorm V5.2/Plugins/HVNCMemory.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

XWorm V5.2/Plugins/HiddenApps.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

XWorm V5.2/Plugins/Informations.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

XWorm V5.2/Plugins/Keylogger.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

XWorm V5.2/Plugins/Maps.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

XWorm V5.2/Plugins/MessageBox.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

XWorm V5.2/Plugins/Microphone.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

XWorm V5.2/Plugins/Ngrok-Disk.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

XWorm V5.2/Plugins/Options.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

XWorm V5.2/Plugins/Pastime.dll

Resource

win10v2004-20240426-uk

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

XWorm V5.2/Plugins/Performance.dll

Resource

win10v2004-20240508-uk

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

XWorm V5.2/Plugins/FileSeacher.dll
Size

478KB
MD5

fe625a7c51e699336f9acc3108437134
SHA1

50099ae8c3679930400261c80ade073157fe4f80
SHA256

68e4e6f42ffdf5ed18f1849e30f83b1baed1cfa57c68f57178bfa875e247c2b7
SHA512

26b9bf3c0b31fe029201c884f7d220b0bfe589d33dd6aa0dfd665c38af07c2352e89859198e0e9b18339c0e6c8f1e9c44358b222106531659aeb0d6f6c6c0c44
SSDEEP

6144:I88L5lWTUVRTw/l97teGtSV41QJDsTDDh0Yhe6dwxLV/tuhgpn5fWRBI+WR:hzTUVRTw1lS4Ys50ie6Cf4gpys

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\XWorm V5.2\Plugins\FileSeacher.dll",#1
1⤵
PID:4800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy