xworm | 5cda2005efea3007513401b78b0d49bdaf40eb9272b4470debe813f3b4e3ca27 | Triage

Submit
Reports

Overview

overview

Static

static

XClient.exe

windows7-x64

XClient.exe

windows10-2004-x64

Resubmissions

14-06-2024 14:33

240614-rwzwhayckm 10

14-06-2024 14:29

240614-rtwq3avaqd 10

Sharing

General

Target

XClient.exe
Size

36KB
Sample

240614-rwzwhayckm
MD5

418f59a052835c68ebb8d843b0f2d398
SHA1

cbc09fc445227fcf291a961a43c9838d90904654
SHA256

5cda2005efea3007513401b78b0d49bdaf40eb9272b4470debe813f3b4e3ca27
SHA512

1f687d7da1605213db0e085ef26165c6f9ba8d9ebe85b8590fe111775d86bb42cae419056762aaef149a7728de7652364c0d521671f72b03f714dfd031d3600f
SSDEEP

768:8L13A5Uno9RfHWa2B71eo8icH1bxbFb9EGOMhnQXvA:qxA5Uno9JHWXZeNicH1bBFb9EGOMN6A

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XClient.exe

Resource

win7-20240508-en

xworm rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

XClient.exe

Resource

win10v2004-20240508-en

xworm rat trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:7000

Mutex

QNLpPDGMwOWK6Hsr

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XClient.exe
- Size
  
  36KB
- MD5
  
  418f59a052835c68ebb8d843b0f2d398
- SHA1
  
  cbc09fc445227fcf291a961a43c9838d90904654
- SHA256
  
  5cda2005efea3007513401b78b0d49bdaf40eb9272b4470debe813f3b4e3ca27
- SHA512
  
  1f687d7da1605213db0e085ef26165c6f9ba8d9ebe85b8590fe111775d86bb42cae419056762aaef149a7728de7652364c0d521671f72b03f714dfd031d3600f
- SSDEEP
  
  768:8L13A5Uno9RfHWa2B71eo8icH1bxbFb9EGOMhnQXvA:qxA5Uno9JHWXZeNicH1bBFb9EGOMN6A
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy