General

  • Target

    XWorm-RAT-main.zip

  • Size

    33.7MB

  • Sample

    240908-f3d2tsygnn

  • MD5

    3c583f36fdd166613ec8b5f81597e5e9

  • SHA1

    f3e9cbfb5749212f2d54f36b391b7d03bdd303a9

  • SHA256

    8f71cc2fc5fd1b3e16377f0ca36067467280f6a63f7924f3fad273717c1f505e

  • SHA512

    072931cc7b3812d7681c879169b0ba0a1981e0c23d3549e223e29331a24c4ec5249964d2c636ec07b0ba2c3e3c81c236e0ccaf3e40d373dc2a6adc235fbcfa6b

  • SSDEEP

    786432:6j5llNvQ80iV1PIo6uNNIspKclWQatHDQXzTnHB35H+6XiIKD:al9QeVFI6DIs7ANjWh35HbyR

Score
10/10

Malware Config

Targets

    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Memory.dll

    • Size

      9KB

    • MD5

      b8345a39a0f6e6a65f05bb1370b66d1e

    • SHA1

      e416cfae4f709bfcf4b5f8e2b79775d462a161ef

    • SHA256

      23e5a0d72e31184d8a8769a2c02d7c94c6b75846436f76c511464c2c20ce8387

    • SHA512

      c6b33fc1841586e0371f46c72354de0aea64f8110a29a5c30836417e47c93bcc5d97ce3cc6faf0eecc44d4b9b2415e62e2a44fc52a69c045ced95e8bbb2cb275

    • SSDEEP

      192:iep14DC2HwQG8A1OQGOz714uOIW1fn/eK+QMLuJNyL2:iepuC2Hwv444uen/eK+QJNyL2

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Microphone.dll

    • Size

      540KB

    • MD5

      8fe668835a897d92bdba015fc1cc8af5

    • SHA1

      25c6d6eeccf6d945176dc6f2ad051961b93a68cb

    • SHA256

      f1106739567a2184b5dc8aabed3603c51c65fdccdf6875d9077bad6dfb422da0

    • SHA512

      a3e75daeeb0b7a8524d214ff2c79dbdbf11c81f19f5d474243ea3b6b54ef238ad0be47d9d707e6f3f0986447a7291e17a41ee6ebad078807fedb6b996886e127

    • SSDEEP

      6144:OO1+opclCf2v6exF0SyqeDI28DjyUbfb78+smmnJsCEmBy2pYARdd3NbFXElNZQ:O6zpFuvrFKDIT7bgFueXh/FXElNYu

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/NetInstall.dll

    • Size

      9KB

    • MD5

      9d8b706fa483d4974cdfc9e806b2863e

    • SHA1

      700e319afc9f1ac197d8a2077b12fa44b6b34d60

    • SHA256

      afefaf064810b08003b93aa1bd702d4b0fb15de29194bb2479a35443537ed348

    • SHA512

      fe8e26b07ffb366eb59dd169da76bb881e16512cdc5e8f225043c1b487d9a08b2a256d3b5de52f3217a6348d57d48d554b3bced6aa6da85bc32f7b398b643b5f

    • SSDEEP

      192:6ZTrGU8N06k8TQOPPz+0EX6QGOou3gysxeIW1PnQ97KpfATL2spY:6ZPGxjk8d+0EX4physxAnQ97KpfBspY

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Ngrok-Disk.dll

    • Size

      12.3MB

    • MD5

      ccfb289bf29889c43369bd2166c17412

    • SHA1

      525fe101583f9d9fa14d35c27c3e9b0b61940760

    • SHA256

      3b2735a924841ac27fdb239d637dc730ada783d3a673a97df2682869faf3087e

    • SHA512

      5f7df0d4fc02b24ac0777e4ea4d35794865dbea93a65d3b44fd828fa5253ab27f4d9413260f5235751c5fb551998e7c8da07b78abe27ec2ea287bf86af9442ec

    • SSDEEP

      196608:TKWRNtaaymwIm9CSiRmW2XDLj2k7AW2bx8rkjq/vEO6w/3EyVzgzqjD0w4JnZqq:TR3wazwc0W2X/9f8zjqHd33HD0w

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Ngrok-Install.dll

    • Size

      384KB

    • MD5

      c0f9f255b8cd7a6155925877d0ba9f71

    • SHA1

      8187eb04ace363a20ccfba3afaeeeb96ac267276

    • SHA256

      4cfcb5c0664fe82bcbe8c6502745d8d813222d05047537a2f6071709a2acd51d

    • SHA512

      a4d7956f9de69537742c76d6e84c7a4c98ffcbb144515a334302653626af0722f511f12f82c488addb9688f6a6a110c2c4f703409196f002e157c09e120d6216

    • SSDEEP

      6144:nqqDLJmokuhmMe7+1VIc2G5Gh7LgWTiMhxUkUVW1xFmgI0yV:qqnwok8mMe7+1n2G5A7LbbhxcUDI0

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Pastime.dll

    • Size

      18KB

    • MD5

      f8556ea3b1f1a3a7e9a640a1092a556b

    • SHA1

      1862722d6f56bd4e4ba82c35e51173c2cb839f19

    • SHA256

      765c7a88112ee3ad03bc92cc3da37840082d62746bd5b02bcb8a57d5145345ae

    • SHA512

      9dfde73863bf062e76be09a1e6aa104f8ded04f67654ec0e2af3dad705e7d0f912dd77d9eeb25ed9a4817856ee6082d6c21846a3496265b1fb24c1b02cab2ade

    • SSDEEP

      384:y/vgBKHr2RVeapLyY9KeTj1kn26vOia/mT+//BeVUJsA8/VHMQ:4vgBKHr2Kap+Y9KmG1Fy/BPeA8/VHF

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/PreventSleep.dll

    • Size

      9KB

    • MD5

      e6c51c9850b9e65368b94b4c6ee64c2e

    • SHA1

      45203f003cd009f369f0fc0cd1756ae66f49bde5

    • SHA256

      c568ab1ced62dda4047b101d321136a49356f082f3cf4afc2d5d1adf45c3adb3

    • SHA512

      909caee45d8f770b14f411cbd6e50cf17152258b5eacf27d8686b09cbf4ade0a452d996b8ff0e8a8a4f470ffff89709ab190f5d116c236c1dabcdac550d04df8

    • SSDEEP

      192:hbA4MnX0GOwav19TvIW1Pn/+8p4jTH/Luj:hFyX1ot9TJn/np4jej

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/ProduKey.dll

    • Size

      98KB

    • MD5

      e6f0cb7913c9c3f064f52f7407b5cc3b

    • SHA1

      87943989d2eb6cae45a06dc526f267c7b76f57b6

    • SHA256

      1edff19661db8d711a79adfb9c7d701aaf885d25d12d55bc804f0b6a5d49910c

    • SHA512

      4634584da3f8534e3b1b0941e1827ca926b74d68fb2cfa165ce4b19b2c5200bf99fbc8f724fff99c8de5ffa123927e44f633dd693e2d15c45f5a3ce1d915fcf3

    • SSDEEP

      1536:0mbucSAwsbzcvesvH29p9coCgSeX06hfKRXso2G9eUJxDbi0:Nb3SQ3cmsCXcovdX1TG9eU7/

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Programs.dll

    • Size

      9KB

    • MD5

      4ab2e715a2549c938247d459dfcb33f5

    • SHA1

      ce0073699cc018e274e6d93a6a3c36bd0488576b

    • SHA256

      ed86bac895c455ccd61180f0664be0b0d99f011e90e319f97afeabc286f7838f

    • SHA512

      e68b10549fe86503c0b654b1477c22e69395f20b7c9ec208180c08cd5899964dc7f1e31c9c46cc4f63c1bd3a862ab74bce42cce9fa7443630269409fb1df4119

    • SSDEEP

      192:BJS7Khum18KHFGOvJ1WTkIW1Pn/d+wqyzMLOVb:BJSmuYm8WTun/d+wqyNVb

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Ransomware.dll

    • Size

      20KB

    • MD5

      b5a034e9d15cb09b1460dd18f1257d83

    • SHA1

      956156a47e690c8be8964dc3fb905e075a45e947

    • SHA256

      2bd33a784af634af7590ad9dc43d574005dd95b2b2e20640b97cff0474af91c6

    • SHA512

      026c51e39bb1647f05bd3d5b89357937d848ef5c374240fe8f41bf34eeb70429860d762032a0a954e98a49015d67272be436b14b51fd57e9956cc33aaa07030e

    • SSDEEP

      384:HDKe2SiTtr8SCMNyKU9kbbsXfB+ZMmoI+sHT4k7MWYeLZtHyh:HDehCSCMNzIk3sXP87PYw4

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/RunM.dll

    • Size

      10KB

    • MD5

      752019b614caf2b24d6d20e12b790ab2

    • SHA1

      6c927f44876b77ffbb5af5ec34fbfdc5e94e6b78

    • SHA256

      ab0fde86be8a9edcad9cf9f91643edcf922e2236abb3176ac581183989fcf99c

    • SHA512

      172901e589cab6f6e0ddd845d9b4ce87d66e4133fe6e52a6827cb92e00c90405c0804c75cefd9acd4b17d70ba1359d80a621425253ccbdb9a4b9112e826b2efc

    • SSDEEP

      192:kb1Q9BJL3C2tCcOEVyOS41NTNIW1Pnb/TPvlzZKA7CgWl:61Q7JCyDIeNTnnb/T3llP7CLl

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/RunPE.dll

    • Size

      11KB

    • MD5

      5e013ea771fc89907601dfc2af7a6fa2

    • SHA1

      26a340eae644c066805e551a130bf822eef5563a

    • SHA256

      c01ccb79af29e2053e5ab5486d2d0a07c2e4cb15a4df04e25d5f366cf2c94bcd

    • SHA512

      17c37cb6976efadf7b3a92c0d75b34d86461cd2feb3a4d659379e6d8a7c095eb30753b3a31d129ba4bc43be49c31296e56843b54bbedc3dcc4f91b0c5e13785d

    • SSDEEP

      192:glFfqh94qT5rmUrm1eNGOJeq1JQSnIW1fUst+fpo7MLus:glFChWqT5rm57kJQGUst4pods

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Script.dll

    • Size

      9KB

    • MD5

      ed33c58ca58f149078212607da7e6d5c

    • SHA1

      82fae75c33144beddb3f587fdf8632cd8fe4c7c7

    • SHA256

      c6a37876cde8772f189f348f1469ad4527c5b9e387c29d653a3cc5283e3b639d

    • SHA512

      52abe4c280126996589eb732a09ba75f4b4f1b8288f46e918e7c2ff8919a33bf9816b4613a453b2bd66cfb4c4dd2adb987ebe8dea2eb6a2d18e9654936a552d0

    • SSDEEP

      192:09a5mkxbPGOWki1iTcIW1Pk/2ZpFRML2G:0qmkxbOIoiTGk/YpFZG

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/TCPGET.dll

    • Size

      12KB

    • MD5

      8ff53cf98035b5f4cc4fbd149a89e886

    • SHA1

      26dbdae3f67c4d08e5d2ae849e822988c8c9117e

    • SHA256

      8fbd4594f38a12a726d0618e20894e6615985ee96e787edcf2fa90f2f84dd150

    • SHA512

      9d8937a329bf9de09cfb82330aae2dd5ac23392de960d27abac8700696f18169a62ab3307efd53046355ea936808529d548f4e2c185accc8fc78b1663a151ef0

    • SSDEEP

      192:+8nfWHaosO7Pi7tkOfwZO1Z1011HoLIW12z/LDFJIgNQL2w:+ftPi7tpKAKHoUz/fFJIgFw

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/UACBypass.dll

    • Size

      16KB

    • MD5

      83da32d85a967a145211834033855497

    • SHA1

      39d75d57df6d102c73d0d4e771a0798c3f153d8c

    • SHA256

      ea912ca7c74d76924cdf1e634164d723a6d7a48212ab03c0f343a0132754a41b

    • SHA512

      833a9853255218e1068eb6de8fcec2c985488475771c8209e8c5f8e43fd3ff3fde036b28233fd55f35f4eda2d698f4fe67b6f8410294c1728a9c0350c81f3fd7

    • SSDEEP

      384:N0KGTIkYy8EjM/fVdpaAgiii5TvcayW0:N7yw/9dpaTi5T0aI

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Update.dll

    • Size

      11KB

    • MD5

      dd9fcdc7bc3e42d5099a25b6a448761f

    • SHA1

      aa166f56013baf0dcee7ab0d836be44e8c37b706

    • SHA256

      88160d78fc6c9f366475039635713a27b5604c9df54ae05ccb5e6db1801c9138

    • SHA512

      8e1072769a8d7a1eaa0f730c0ad0d931c285ba22c855090e997ce5d018c6d30beafae38d38928eaa0a48b06888246bfc3443810a5eab9a3ee81eb6d234a410a3

    • SSDEEP

      192:HNswkD3S282f6vHR4QJwGOHbHKPBMbOIW1Um0zuWuyV9ip2f/LuT:HNswkDV3f654QDUbsMb/mwuWx9ip2yT

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/VB.dll

    • Size

      10KB

    • MD5

      6eedf6419333c35d3cfc2b9541860edd

    • SHA1

      0babbf73776d7c90cd26ecd482104fd0e518d889

    • SHA256

      9de6c632bf5bea4ba7937648351b592b002bf6ec25154d3f0a4732b5e9350973

    • SHA512

      e6b379a339cc56e155cbf19667d79fbc235e2f57eabd2b83515d8df3c5bb9e8581bb423d904d2a1b7e565d58d928f6712cc4ddda3279b058a2949e81b3c1e18f

    • SSDEEP

      192:GszeShQd5ihhdBFzXzwyGOFGD01F4SPlF6IW1PnxlVQGjMLO0/:Gsz7y0PDzw/yjF4Bnxl+G90/

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/VNC.dll

    • Size

      657KB

    • MD5

      fefafedef31e16b7e8c1ede371e6c02c

    • SHA1

      216688ca704ab4aa0a8033709f05868639401603

    • SHA256

      87788f54632ee7f4cd9d485e44a08558e9acbc6e2c3819c0b6cd8ec1c613674c

    • SHA512

      e2b0b2f31a47e446b94dde58028d5338e4065d7b12e3c63e9e9b136d4e5b000861d4b9ad4bb457816baf985f0370988a614bd14205751f2d564cf2dd22aa4b2b

    • SSDEEP

      12288:PLttATbOJ0daaSiP5P4MCtm1OBD/t/1T0LcsiSfOTgSAiBGIXFpBmoS:TttAHg0AU5P4Z7/t9oLziSfSgSPoIF

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/WDExclusion.dll

    • Size

      9KB

    • MD5

      6dc438673ea924bf31d595fd8bd228e8

    • SHA1

      db24d51d61383f457da92464d07b6e2fbc933dd2

    • SHA256

      4085a76771f41a0883851a11eee48705e955b2a3209fd0147c13910326398332

    • SHA512

      03eb1e0db218a8cc592db99217926d20b0053b5536912da84ba87b3e8321557d4fa62bd74656f8deaa371676d80ed9c8111c2a5d60fe7ac6bdaa1aea519ac7e8

    • SSDEEP

      192:8XPGbkNgv8pohG5cWa21t9ZhIW1Un/bVf2TLOJZ:EeYSv8bqWjt9Z4n/bVfR7

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/WSound.dll

    • Size

      540KB

    • MD5

      02557db3964eb1226a7b172d0eeaaf77

    • SHA1

      d91404cd4002ca3a0cdd5870ea05f53bba5310dd

    • SHA256

      5c850743604d25754fc87b8c662707a01155ee540a40c8f55a0b0ad4acf376e4

    • SHA512

      8b0a8d137f948cb9e4858ff25bd894feae75280c1045499ba896701d04218c4ab57c65ee8ade84e4e7632f6e8f443c8d75bc4f42fb402b56c947a00f42921ae4

    • SSDEEP

      12288:o0fU7nZVe+WREYwEexJ6LRVYYbgOvd/3rGd9Bsu5:LCZIREYwMV3bgOF/3yd9Bsu

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Wallpaper.dll

    • Size

      9KB

    • MD5

      f0f5c337c0523296cdaedc985248dee6

    • SHA1

      ae086d9b264ba40047e3ab618c0e4748aa12716a

    • SHA256

      21963c59c789ca47624a5ffe1ebd47c5f23fd6c0426e590f61aa11a27dc816c4

    • SHA512

      67a0f8785e0cae77fa12962ceb82c302071884daf340e1fe4cb515c6d3fc9553f09060919954b8d8d2a361b1c6a16236b1ca238bcba20e3c1774b9895cf66fea

    • SSDEEP

      192:520xpA2/cbmyGOWQ1ST8IW1Pd//zRAp63N/L2DQU:52cpA2/cbm/ySTmd//zRAp63AkU

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/WebCam.dll

    • Size

      209KB

    • MD5

      f10c859011f17c97017a919ed8e48be1

    • SHA1

      b117025ad2da5ca26f1adc4a3d0507526faf33e8

    • SHA256

      1b7a87ecc2814bfe887cdc5fa8a4b8f0bfc4692d4d0a87ee8dbe0fcdcd2fb23f

    • SHA512

      235c12971a1e936e43df5fa9a45b55fbd758e5148b8a7c33e6178ea668fb785a8a109e6ae4a8f4c93d9e8a804a7615f3ea4316911b8452444ea7b6e2543bdd8f

    • SSDEEP

      3072:FTlWR/jKGR5BfF/g50PBgakLA3LC2FY+EdzYZHAx+dqRN51hdJFxtZV9l5hhJxZY:FR+22fFcgBgakL320zYZHpMXM/sW

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/WifiKeys.dll

    • Size

      10KB

    • MD5

      3705833eefefe24becb312f01953e926

    • SHA1

      072413a9f83b092b5a7ba52c5db2d0fb08b16438

    • SHA256

      66f1542ee1ef212bb0e18b588800228ca2e113e0d5eec0f20c09f08225f61075

    • SHA512

      652360e13b977b0c4542f48358aaa02fd4fbe46c29a99736119de8a02803824787ef76eb7f08f63b5b68a7d72d3bdd24f3462af571c7f75ae9187a320ec5598c

    • SSDEEP

      192:qxOw7xyKgH38NvW//ocWuxJaGODu11iTCIW1Pk+jLqGCTYuTLuTeOrre:qd7xyKgH3qvM/ocjzn2miT0k+XtCTYR/

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/Worm.dll

    • Size

      12KB

    • MD5

      bef245a79659e08fcecc5c1f50be3f57

    • SHA1

      eb91878b63a181723a75745c83d7fe6cd168ae8b

    • SHA256

      5b32dad4ad2b350157eda3061dc821645e7cd291970509ab32e9023b8c945951

    • SHA512

      380c90ae5c484ad0ddc6b29abb85c881940dc98c0bc71d3938c9601ca932ec2237928cb335bf12cf086a3316c71954432f55a6ed60362411f1cee078d32510c3

    • SSDEEP

      192:WYfsyJl5ATYZeLtUFslQxGOC9e1PkzIW1PnGEHHFDLIMLOX:W6Jf8YZ/F0N9UPk9nGQFL4X

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Plugins/uninstall.dll

    • Size

      11KB

    • MD5

      b940dbf98a4b1c79e7b56f015fc8b856

    • SHA1

      6f526b0bd8f1f84745089980cd3472e2fbe4fdc2

    • SHA256

      420c4a9616a17dcf49c790b01c00e65c2510cd052b255d9a85da955b1c8a8e7c

    • SHA512

      6f5fc00a4d13ded7c6543aad7481a6dd2f026d16fb648e7d454d3a9f884a5a6296e188119773d399ac8440b07816c273a7840c4e925990e4d24d34a57bcced92

    • SSDEEP

      192:c+qBfv8vZvrSpshmeb7hSoeS/nmGODbHoPBfbjIW1Um0zHB0VAXp7y/LWZEk:czBfv8vZvr5Dld7gbifbOmwHoip7hZEk

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Tools/HVNC-Server.exe

    • Size

      112KB

    • MD5

      2bc558b0cf60f8c5a17d16299e07a030

    • SHA1

      9a6a53a088cdbab38201b11015e58aacb85e1dc6

    • SHA256

      83178407d4761df1439304df2f08ec6df4e216986fab12590b6339186291b591

    • SHA512

      21ed30fb07a670ca4cf44527d34d201735dac1a9c23e7cc709983c3dbff75cdeec8380c2fe795270fd77203fa9e59b34a324acdb0815c8654b819269e52d9ce8

    • SSDEEP

      3072:cl/0Gw9hSR3UFqhHe9Z0SZDz4PUF8FaBh3:cl8GjtChHh3

    Score
    3/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Tools/ResHacker.exe

    • Size

      1.0MB

    • MD5

      d285a10c73da68b027951a2038a7ae0d

    • SHA1

      e3e5712df92ed49d6cd429799e6e557af093da06

    • SHA256

      aeeac91ca85c59309a8d6f7109a84e1ee6d4817498417373e7c3c93dac7bb1e5

    • SHA512

      150b47f6b4ab2c33c818843ddf30562c85055c1be5bbda7bc347bf36116b4d8d8f7b78303342e9eb667facd37a841eb7d930de325f25d170b680e97f8dfed48e

    • SSDEEP

      24576:XS9wlTzi2gQO1PMV2DCHAJ2glv9fJVOYfJSzaSArbz2jQOS/:C9ijgQO1PMDozYAPz2UN/

    Score
    3/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Tools/vncviewer.exe

    • Size

      1.5MB

    • MD5

      b8d15cd10f1e9ff6adeae64fbbeb755b

    • SHA1

      f962549e42b58a056b11a9ba9750a30bc76844d7

    • SHA256

      823168f7ff268a96aa80d915d946411ef214e7597c73312b19f9723d704b1396

    • SHA512

      1478c76b08a8aa9cf9db927ea371c192ade81d8e27d394613f05aa60011fa8bc46ada115ab4c8c9aa75fcf86dbb62f7089a211f58270c984a204c91465cd07af

    • SSDEEP

      24576:Jj/05kjHhc0Vo68/RWyVae30Zh6FSCTpf2kveQn5poM5lcOBo:JY5kdc0G68/RVoe3+MTZ2kFroM5lxBo

    Score
    3/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/Win-XwormRat-builder.exe

    • Size

      928KB

    • MD5

      db9df61757cc712eb190955371d24937

    • SHA1

      308155685a2bcc0369a63d1ac2c13c7293cedce7

    • SHA256

      276d53b6f343cffb4e81e6db87b30dce162b82dd2ed9aea49d754cdfba8e865a

    • SHA512

      cf2ab30da84cdee5988c52f08403a33d99f5565839959763aaa4b34745251cc32839e466e7c6c27f83145bc10b55e0f279a4165af58db28156f34aa2b44a921e

    • SSDEEP

      12288:V8pICumxgLj3PSg+Gfqxk01P6RNGZS7yK8g3dviBOEBkCtip/y6Lr9vXjdkpgLMk:p1ixARrLl1/1q+

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/XHVNC.exe

    • Size

      1.9MB

    • MD5

      4904329d091687c9deb08d9bd7282e77

    • SHA1

      bcf7fcebb52cad605cb4de65bdd077e600475cc7

    • SHA256

      e92707537fe99713752f3d3f479fa68a0c8dd80439c13a2bb4ebb36a952b63fd

    • SHA512

      b7ba131e9959f2f76aa3008711db9e6f2c4753a232140368be5c8388ab0e25154a31e579ef87fe01a3e4bc83402170bb9fbf242c6f01528455246b793e03fdfb

    • SSDEEP

      24576:CmErCsazef+APWb6+CILRbTcJiWevOIWr9Lrdl5p0WdaMCtGjC+Ub:CPF+CWb6+CILRncZe65rb5p0ehVCr

    Score
    7/10
    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Target

      XWorm-RAT-main/XWorm RAT V2.1/dnlib.dll

    • Size

      1.1MB

    • MD5

      9ed69fbbfdec5d95ea229da3969dd77b

    • SHA1

      7972339f0a1b6a28a2f335c84cdfc5d9beee72b6

    • SHA256

      e8bc7a627149386cb3cf714ae0101f69440f72cf2e7468a677b727b32aaed755

    • SHA512

      61bfaa00736487ed736a27c1a9e45ce14b578452471866d195ce1a4736e72bd4bec98938b8cbb83ffbf09cbf188e9b8760452cc95ee30565414882aadd0171a6

    • SSDEEP

      24576:+9itfCdSZYeP0jsLpPl44znxuhv7fBTu1Z:W5QF6

    Score
    1/10
    • Target

      XWorm-RAT-main/XWorm RAT V2.1/resource/data.dat

    • Size

      6.5MB

    • MD5

      a21db5b6e09c3ec82f048fd7f1c4bb3a

    • SHA1

      e7ffb13176d60b79d0b3f60eaea641827f30df64

    • SHA256

      67d9b4b35c02a19ab364ad19e1972645eb98e24dcd6f1715d2a26229deb2ccf5

    • SHA512

      7caab4f21c33ef90c1104aa7256504ee40ff0a36525b15eb3d48940862346ccf90a16eef87c06d79b0ffd920beb103ed380eae45df8c9286768890b15ed1067c

    • SSDEEP

      98304:KAc94bqa9niwFYWLqDuTTTTTTdfPPpWLq+Guf2W2b6F72q0:KAcC9iwFYWuDCPPpWu+GduZ2L

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

agilenet
Score
10/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

Score
1/10

behavioral30

agilenet, discovery
Score
7/10

behavioral31

Score
1/10

behavioral32

discovery
Score
3/10