8a7d20fb5bc7ef8b02ab6e11ef78ebc0a31ba5376bd97d40fe5d1da521324556 | Triage

Submit
Reports

Overview

overview

Static

static

XWorm-Rat-...in.zip

windows10-2004-x64

1

XWorm-Rat-...TP.dll

windows10-2004-x64

1

XWorm-Rat-...er.exe

windows10-2004-x64

1

XWorm-Rat-...ox.dll

windows10-2004-x64

1

XWorm-Rat-...er.bat

windows10-2004-x64

5

XWorm-Rat-...IP.dat

windows10-2004-x64

3

XWorm-Rat-...I2.dll

windows10-2004-x64

1

XWorm-Rat-...io.dll

windows10-2004-x64

1

XWorm-Rat-...DME.md

windows10-2004-x64

3

XWorm-Rat-...er.php

windows10-2004-x64

3

XWorm-Rat-...NC.exe

windows10-2004-x64

7

XWorm-Rat-...er.exe

windows10-2004-x64

1

XWorm-Rat-...UI.exe

windows10-2004-x64

XWorm-Rat-...ib.dll

windows10-2004-x64

1

XWorm-Rat-...ib.exe

windows10-2004-x64

Resubmissions

08-06-2024 18:20

240608-wyz2hafb42 10

08-06-2024 18:17

240608-ww7cssec5w 10

08-06-2024 18:11

240608-ws439seb9v 10

19-05-2024 22:48

240519-2rh3asfb62 10

Analysis

max time kernel
67s
max time network
71s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
19-05-2024 22:48

Sharing

Static task

static1

agilenet rat def asyncrat

4 signatures

Behavioral task

behavioral1

Sample

XWorm-Rat-Remote-Administration-Tool--main.zip

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

XWorm-Rat-Remote-Administration-Tool--main/CMSTP.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

XWorm-Rat-Remote-Administration-Tool--main/DisAsClaimer.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

XWorm-Rat-Remote-Administration-Tool--main/FastColoredTextBox.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

XWorm-Rat-Remote-Administration-Tool--main/Fixer.bat

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

XWorm-Rat-Remote-Administration-Tool--main/GeoIP.dat

Resource

win10v2004-20240508-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

XWorm-Rat-Remote-Administration-Tool--main/Guna.UI2.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

XWorm-Rat-Remote-Administration-Tool--main/NAudio.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

XWorm-Rat-Remote-Administration-Tool--main/README.md

Resource

win10v2004-20240508-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

XWorm-Rat-Remote-Administration-Tool--main/Uploader.php

Resource

win10v2004-20240426-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

XWorm-Rat-Remote-Administration-Tool--main/XHVNC.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

XWorm-Rat-Remote-Administration-Tool--main/XWorm-RAT-V2.1-builder.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

XWorm-Rat-Remote-Administration-Tool--main/XWormUI.exe

Resource

win10v2004-20240508-en

asyncrat def rat

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

XWorm-Rat-Remote-Administration-Tool--main/dnlib.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

XWorm-Rat-Remote-Administration-Tool--main/dnlib.exe

Resource

win10v2004-20240508-en

asyncrat def rat

windows10-2004-x64

10 signatures

150 seconds

Report Analysis Logs

General

Target

XWorm-Rat-Remote-Administration-Tool--main.zip
Size

5.0MB
MD5

ed997c518b1affa39a5db6d5e1e38874
SHA1

d0355de864604e0ba04d4d79753ee926b197f9cf
SHA256

8a7d20fb5bc7ef8b02ab6e11ef78ebc0a31ba5376bd97d40fe5d1da521324556
SHA512

50699cdd035c48e431102c703d7855dc85caa6feb7a7b34bdb23c7ccc298dbcc3ab261690c3dfb078451d3e299a0b037351edcbf54e79b6edaaacbf30ec68cb7
SSDEEP

98304:7jsOrfOedjeCSFFEYhqox9mv7Ys7q2f2AIRUeIV1iwLZnnpha75mlf2:7jLSCSFFEYrbA77q2+BS5nLbEX

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\XWorm-Rat-Remote-Administration-Tool--main.zip
1⤵
PID:1616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy