General

  • Target

    9db1f91cfadd63e2af86c931deafac223730551b196fb57abb097f2f13b83597

  • Size

    17KB

  • Sample

    240829-gzt5baxdlb

  • MD5

    2c104d2e02b64d2e399c4f698e787c1f

  • SHA1

    419ac879555d35ea95b684b13952541e9e8a6a09

  • SHA256

    9db1f91cfadd63e2af86c931deafac223730551b196fb57abb097f2f13b83597

  • SHA512

    ceb759f847df14ea994b3408688eb5480f4780cba0cf7cad19b0a7fee7cda0f2dad4bee33bec85bf749500d6301f4454361c222aa6f2d808c5de8943902c651b

  • SSDEEP

    384:70wfJqVCxTeL1iKa8d9dskfnTgCGgL5ieA+C48cK3yeWhIp8rVgWu/0STXRweX5:gwf4ZLF39dnnMvgLXA+NKCeWyp2VwxTX

Score
10/10

Malware Config

Extracted

Family

xworm

C2

popular-influenced.gl.at.ply.gg:2439

Attributes
  • install_file

    USB.exe

Targets

    • Target

      9ce6d086aa5285d09275b6fc298c006aa632b19f9005eef8f9ae412009e620cb.exe

    • Size

      36KB

    • MD5

      f0789ccfa100583cc6f4ed2e02bbf460

    • SHA1

      36c51e297da4efb7acf0af103193452ea99d4555

    • SHA256

      9ce6d086aa5285d09275b6fc298c006aa632b19f9005eef8f9ae412009e620cb

    • SHA512

      8214cff0c550bee220d6459432ad87093b6ee8925df2ef5cfcaf48f65f3b80f567b32e191dc22c1d260b6172da3af6c8ddc4f8211a413890e354c52e79385dcd

    • SSDEEP

      768:rDMKilyAUxm37aL8q7I2cWWyAbEyDbXIQ1OUyhZyxBq:vmnruN7I2cWEbEyDbIaOnaBq

    Score
    10/10
    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.
