xworm | 73ae033b73b065dc0b21899834ae6245aa720c51238b71c3b2ce2e204cce66f2 | Triage

Submit
Reports

Overview

overview

Static

static

XClient.exe

windows11-21h2-x64

Sharing

Copy URL Twitter E-mail

General

Target

XClient.exe
Size

30KB
Sample

240720-k8nknswakj
MD5

4e572953f62f40e06c703bfa467a7f30
SHA1

a314c5a414fe1bae2a3d361919687c8ded84dc81
SHA256

73ae033b73b065dc0b21899834ae6245aa720c51238b71c3b2ce2e204cce66f2
SHA512

fe30123767c28d4843c1d5cfa47243dd464bba850f359659a06f36b86e75b550c2cb2ed60a45502d24426625bf60db7a826a6cde3c5c3ed6de37580f732fb294
SSDEEP

384:+7wTA+5OfPgEBQqWvfcQLZe3s80hYACSqReAw2uRugtFuBLTIOZw/WVnvn9IkVuP:grgECfLH8MYAoReJ2uBFE9RjOqh0bT

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XClient.exe

Resource

win11-20240709-en

xworm rat trojan

windows11-21h2-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.1

C2

le-pencil.gl.at.ply.gg:6703

Mutex

qy78GsHGIzhmPXzQ

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XClient.exe
- Size
  
  30KB
- MD5
  
  4e572953f62f40e06c703bfa467a7f30
- SHA1
  
  a314c5a414fe1bae2a3d361919687c8ded84dc81
- SHA256
  
  73ae033b73b065dc0b21899834ae6245aa720c51238b71c3b2ce2e204cce66f2
- SHA512
  
  fe30123767c28d4843c1d5cfa47243dd464bba850f359659a06f36b86e75b550c2cb2ed60a45502d24426625bf60db7a826a6cde3c5c3ed6de37580f732fb294
- SSDEEP
  
  384:+7wTA+5OfPgEBQqWvfcQLZe3s80hYACSqReAw2uRugtFuBLTIOZw/WVnvn9IkVuP:grgECfLH8MYAoReJ2uBFE9RjOqh0bT
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy