fe6371034d55bb7583081b03f4aec7274f8340cfea4740325cb52e1c6ac77f6d | Triage

Submit
Reports

Overview

overview

Static

static

XWorm/XWor...db.dll

windows11-21h2-x64

1

XWorm/XWor...db.dll

windows11-21h2-x64

1

XWorm/XWor...ks.dll

windows11-21h2-x64

1

XWorm/XWor...il.dll

windows11-21h2-x64

1

XWorm/XWor...ts.dll

windows11-21h2-x64

1

XWorm/XWor...re.dll

windows11-21h2-x64

1

XWorm/XWor...rs.dll

windows11-21h2-x64

1

XWorm/XWor...ed.dll

windows11-21h2-x64

1

XWorm/XWor...ls.dll

windows11-21h2-x64

1

XWorm/XWor...io.dll

windows11-21h2-x64

1

XWorm/XWor...on.dll

windows11-21h2-x64

1

XWorm/XWor...ws.dll

windows11-21h2-x64

1

XWorm/XWor...ne.dll

windows11-21h2-x64

1

XWorm/XWor...at.dll

windows11-21h2-x64

1

XWorm/XWor...rd.dll

windows11-21h2-x64

1

XWorm/XWor...ss.dll

windows11-21h2-x64

1

XWorm/XWor...er.dll

windows11-21h2-x64

1

XWorm/XWor...er.dll

windows11-21h2-x64

1

XWorm/XWor...DP.dll

windows11-21h2-x64

1

XWorm/XWor...NC.dll

windows11-21h2-x64

1

XWorm/XWor...ry.dll

windows11-21h2-x64

1

XWorm/XWor...ns.dll

windows11-21h2-x64

1

XWorm/XWor...er.dll

windows11-21h2-x64

1

XWorm/XWor...ps.dll

windows11-21h2-x64

1

XWorm/XWor...ox.dll

windows11-21h2-x64

1

XWorm/XWor...ne.dll

windows11-21h2-x64

1

XWorm/XWor...sk.dll

windows11-21h2-x64

1

XWorm/XWor...ns.dll

windows11-21h2-x64

1

XWorm/XWor...me.dll

windows11-21h2-x64

1

XWorm/XWor...ce.dll

windows11-21h2-x64

1

XWorm/XWor...er.dll

windows11-21h2-x64

1

XWorm/XWor...ms.dll

windows11-21h2-x64

1

Analysis

max time kernel
1469s
max time network
1488s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
08-08-2024 18:29

Sharing

Static task

static1

agilenet agenttesla stormkitty

7 signatures

Behavioral task

behavioral1

Sample

XWorm/XWorm V5.1/Mono.Cecil.Mdb.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral2

Sample

XWorm/XWorm V5.1/Mono.Cecil.Pdb.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral3

Sample

XWorm/XWorm V5.1/Mono.Cecil.Rocks.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

XWorm/XWorm V5.1/Mono.Cecil.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral5

Sample

XWorm/XWorm V5.1/MonoMod.Backports.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral6

Sample

XWorm/XWorm V5.1/MonoMod.Core.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral7

Sample

XWorm/XWorm V5.1/MonoMod.ILHelpers.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral8

Sample

XWorm/XWorm V5.1/MonoMod.Iced.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral9

Sample

XWorm/XWorm V5.1/MonoMod.Utils.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral10

Sample

XWorm/XWorm V5.1/NAudio.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral11

Sample

XWorm/XWorm V5.1/Newtonsoft.Json.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral12

Sample

XWorm/XWorm V5.1/Plugins/ActiveWindows.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral13

Sample

XWorm/XWorm V5.1/Plugins/All-In-One.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral14

Sample

XWorm/XWorm V5.1/Plugins/Chat.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral15

Sample

XWorm/XWorm V5.1/Plugins/Clipboard.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral16

Sample

XWorm/XWorm V5.1/Plugins/Cmstp-Bypass.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral17

Sample

XWorm/XWorm V5.1/Plugins/FileManager.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral18

Sample

XWorm/XWorm V5.1/Plugins/FileSeacher.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral19

Sample

XWorm/XWorm V5.1/Plugins/HRDP.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral20

Sample

XWorm/XWorm V5.1/Plugins/HVNC.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral21

Sample

XWorm/XWorm V5.1/Plugins/HVNCMemory.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral22

Sample

XWorm/XWorm V5.1/Plugins/Informations.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral23

Sample

XWorm/XWorm V5.1/Plugins/Keylogger.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral24

Sample

XWorm/XWorm V5.1/Plugins/Maps.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral25

Sample

XWorm/XWorm V5.1/Plugins/MessageBox.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral26

Sample

XWorm/XWorm V5.1/Plugins/Microphone.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral27

Sample

XWorm/XWorm V5.1/Plugins/Ngrok-Disk.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral28

Sample

XWorm/XWorm V5.1/Plugins/Options.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral29

Sample

XWorm/XWorm V5.1/Plugins/Pastime.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral30

Sample

XWorm/XWorm V5.1/Plugins/Performance.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral31

Sample

XWorm/XWorm V5.1/Plugins/ProcessManager.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral32

Sample

XWorm/XWorm V5.1/Plugins/Programs.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

XWorm/XWorm V5.1/Plugins/FileSeacher.dll
Size

478KB
MD5

ddd4ae137e023e293477e0f52a982ee4
SHA1

2decefb69bcfb8306c519ff98c0277bbca8fd40f
SHA256

c1bb7f89e10f3e4214b8213e728e6bf5bee8d5dfe66aa304f1396fe6afa2f933
SHA512

a1ec9d3ebfe4dae3ba7b2e744cfbe546bfabc15795ba9c3c9624da2b7c4564244c3570d202964137ac1239e038d2f999976dfc0ad359808a285e661e6946dfc0
SSDEEP

6144:+88L5lWTUVRTw/l97teGtSV41QJDsTDDh0Yhe6dwxLV/tuhgpn5vWRBI+WR:3zTUVRTw1lS4Ys50ie6Cf4gpys

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\XWorm\XWorm V5.1\Plugins\FileSeacher.dll",#1
1⤵
PID:2200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy