Resubmissions

09/07/2024, 15:44

240709-s6ffaa1bmj 3

27/06/2024, 11:34

240627-npnccaygrd 10

General

  • Target

    2024-06-27_8101dd4485aa2bac14e7e3aee97627fd_mafia

  • Size

    130KB

  • Sample

    240627-npnccaygrd

  • MD5

    8101dd4485aa2bac14e7e3aee97627fd

  • SHA1

    c205d1c146d9120657640e2d03111babdbf898d2

  • SHA256

    0b5c7c53f53393b0d75969a745b2f0e2158edc3e87a3ca2bb506f850442bc9a4

  • SHA512

    90da78a7615340eb98d14c055c9dcfb88f7a339bc48cc9661f860b6d915fb7cd5fa557ed701436a8b0c7c797b84998ad405d2b758d11ed17dd49b2112a4072dc

  • SSDEEP

    3072:q4lh6fWA53GutQuxQbC/46Ux83lWHbu+JJlR:qNfhxt9v46t+uO/

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

117.41.184.33:7000

Mutex

20UmI84cKfMqQ1HH

Attributes
  • install_file

    USB.exe

aes.plain

Targets

    • Target

      2024-06-27_8101dd4485aa2bac14e7e3aee97627fd_mafia

    • Size

      130KB

    Score
    10/10
    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

    • Detects Windows executables referencing non-Windows User-Agents
