fe6371034d55bb7583081b03f4aec7274f8340cfea4740325cb52e1c6ac77f6d | Triage

Submit
Reports

Overview

overview

Static

static

XWorm/XWor...db.dll

windows11-21h2-x64

1

XWorm/XWor...db.dll

windows11-21h2-x64

1

XWorm/XWor...ks.dll

windows11-21h2-x64

1

XWorm/XWor...il.dll

windows11-21h2-x64

1

XWorm/XWor...ts.dll

windows11-21h2-x64

1

XWorm/XWor...re.dll

windows11-21h2-x64

1

XWorm/XWor...rs.dll

windows11-21h2-x64

1

XWorm/XWor...ed.dll

windows11-21h2-x64

1

XWorm/XWor...ls.dll

windows11-21h2-x64

1

XWorm/XWor...io.dll

windows11-21h2-x64

1

XWorm/XWor...on.dll

windows11-21h2-x64

1

XWorm/XWor...ws.dll

windows11-21h2-x64

1

XWorm/XWor...ne.dll

windows11-21h2-x64

1

XWorm/XWor...at.dll

windows11-21h2-x64

1

XWorm/XWor...rd.dll

windows11-21h2-x64

1

XWorm/XWor...ss.dll

windows11-21h2-x64

1

XWorm/XWor...er.dll

windows11-21h2-x64

1

XWorm/XWor...er.dll

windows11-21h2-x64

1

XWorm/XWor...DP.dll

windows11-21h2-x64

1

XWorm/XWor...NC.dll

windows11-21h2-x64

1

XWorm/XWor...ry.dll

windows11-21h2-x64

1

XWorm/XWor...ns.dll

windows11-21h2-x64

1

XWorm/XWor...er.dll

windows11-21h2-x64

1

XWorm/XWor...ps.dll

windows11-21h2-x64

1

XWorm/XWor...ox.dll

windows11-21h2-x64

1

XWorm/XWor...ne.dll

windows11-21h2-x64

1

XWorm/XWor...sk.dll

windows11-21h2-x64

1

XWorm/XWor...ns.dll

windows11-21h2-x64

1

XWorm/XWor...me.dll

windows11-21h2-x64

1

XWorm/XWor...ce.dll

windows11-21h2-x64

1

XWorm/XWor...er.dll

windows11-21h2-x64

1

XWorm/XWor...ms.dll

windows11-21h2-x64

1

Analysis

max time kernel
1470s
max time network
1496s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
08-08-2024 18:29

Sharing

Static task

static1

agilenet agenttesla stormkitty

7 signatures

Behavioral task

behavioral1

Sample

XWorm/XWorm V5.1/Mono.Cecil.Mdb.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral2

Sample

XWorm/XWorm V5.1/Mono.Cecil.Pdb.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral3

Sample

XWorm/XWorm V5.1/Mono.Cecil.Rocks.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

XWorm/XWorm V5.1/Mono.Cecil.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral5

Sample

XWorm/XWorm V5.1/MonoMod.Backports.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral6

Sample

XWorm/XWorm V5.1/MonoMod.Core.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral7

Sample

XWorm/XWorm V5.1/MonoMod.ILHelpers.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral8

Sample

XWorm/XWorm V5.1/MonoMod.Iced.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral9

Sample

XWorm/XWorm V5.1/MonoMod.Utils.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral10

Sample

XWorm/XWorm V5.1/NAudio.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral11

Sample

XWorm/XWorm V5.1/Newtonsoft.Json.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral12

Sample

XWorm/XWorm V5.1/Plugins/ActiveWindows.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral13

Sample

XWorm/XWorm V5.1/Plugins/All-In-One.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral14

Sample

XWorm/XWorm V5.1/Plugins/Chat.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral15

Sample

XWorm/XWorm V5.1/Plugins/Clipboard.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral16

Sample

XWorm/XWorm V5.1/Plugins/Cmstp-Bypass.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral17

Sample

XWorm/XWorm V5.1/Plugins/FileManager.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral18

Sample

XWorm/XWorm V5.1/Plugins/FileSeacher.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral19

Sample

XWorm/XWorm V5.1/Plugins/HRDP.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral20

Sample

XWorm/XWorm V5.1/Plugins/HVNC.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral21

Sample

XWorm/XWorm V5.1/Plugins/HVNCMemory.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral22

Sample

XWorm/XWorm V5.1/Plugins/Informations.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral23

Sample

XWorm/XWorm V5.1/Plugins/Keylogger.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral24

Sample

XWorm/XWorm V5.1/Plugins/Maps.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral25

Sample

XWorm/XWorm V5.1/Plugins/MessageBox.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral26

Sample

XWorm/XWorm V5.1/Plugins/Microphone.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral27

Sample

XWorm/XWorm V5.1/Plugins/Ngrok-Disk.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral28

Sample

XWorm/XWorm V5.1/Plugins/Options.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral29

Sample

XWorm/XWorm V5.1/Plugins/Pastime.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral30

Sample

XWorm/XWorm V5.1/Plugins/Performance.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral31

Sample

XWorm/XWorm V5.1/Plugins/ProcessManager.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral32

Sample

XWorm/XWorm V5.1/Plugins/Programs.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

XWorm/XWorm V5.1/Plugins/Ngrok-Disk.dll
Size

7.0MB
MD5

4b97f63ca9495e69b45bd19b4eb03c44
SHA1

f454f71fdfbc95165672d9945207025be10527a0
SHA256

31f33d3cc8cfa6d7e17e7efbeb3611a9f5ab2c9630e90f2f0e7e2b21d73c4ad0
SHA512

bcccee6d244448c2f08ed646b2766ab9fee6a8f7b30bf2dcc9524421c1da0bc6f973eb06647c70544de4ac414170b17a7a51631f65a9dac80a1b0239e04a3661
SSDEEP

196608:9CsxED7kwTV6B/nCR7+AA3e5MryK5Rj1Bpw7Vdjz8wEO+Dl:9TED7/VEqt/A3TryARj1BpwLktl

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\XWorm\XWorm V5.1\Plugins\Ngrok-Disk.dll",#1
1⤵
PID:5044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy