General
-
Target
XWormRATmain.zip
-
Size
33.7MB
-
Sample
240908-mjzmra1dmk
-
MD5
3c583f36fdd166613ec8b5f81597e5e9
-
SHA1
f3e9cbfb5749212f2d54f36b391b7d03bdd303a9
-
SHA256
8f71cc2fc5fd1b3e16377f0ca36067467280f6a63f7924f3fad273717c1f505e
-
SHA512
072931cc7b3812d7681c879169b0ba0a1981e0c23d3549e223e29331a24c4ec5249964d2c636ec07b0ba2c3e3c81c236e0ccaf3e40d373dc2a6adc235fbcfa6b
-
SSDEEP
786432:6j5llNvQ80iV1PIo6uNNIspKclWQatHDQXzTnHB35H+6XiIKD:al9QeVFI6DIs7ANjWh35HbyR
Behavioral task
behavioral1
Sample
XWorm-RAT-main/XWorm RAT V2.1/FastColoredTextBox.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
XWorm-RAT-main/XWorm RAT V2.1/FastColoredTextBox.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
XWorm-RAT-main/XWorm RAT V2.1/Fixer.bat
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
XWorm-RAT-main/XWorm RAT V2.1/Fixer.bat
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
XWorm-RAT-main/XWorm RAT V2.1/Guna.UI2.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
XWorm-RAT-main/XWorm RAT V2.1/Guna.UI2.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
XWorm-RAT-main/XWorm RAT V2.1/NAudio.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
XWorm-RAT-main/XWorm RAT V2.1/NAudio.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/7zip.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/7zip.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/ACTWindows.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/ACTWindows.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/AskUAC.dll
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/AskUAC.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/BSOD.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/BSOD.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/BlankScreen.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/BlankScreen.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Bookmarks.dll
Resource
win7-20240729-en
Behavioral task
behavioral20
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Bookmarks.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Bot.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Bot.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Chat.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Chat.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Chromium.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Chromium.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Clipboard.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Clipboard.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Clipper.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Clipper.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Cmstp-Bypass.dll
Resource
win7-20240704-en
Behavioral task
behavioral32
Sample
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Cmstp-Bypass.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/FastColoredTextBox.dll
-
Size
333KB
-
MD5
b746707265772b362c0ba18d8d630061
-
SHA1
4b185e5f68c00bef441adb737d0955646d4e569a
-
SHA256
3701b19ccdac79b880b197756a972027e2ac609ebed36753bd989367ea4ef519
-
SHA512
fd67f6c55940509e8060da53693cb5fbac574eb1e79d5bd8f9bbd43edbd05f68d5f73994798a0eed676d3e583e1c6cde608b54c03604b3818520fa18ad19aec8
-
SSDEEP
6144:4FErOIif3RzSHh+20lXs1TzCeBcQeDbNlz7:eEeR52bmeh0n
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Fixer.bat
-
Size
122B
-
MD5
2dabc46ce85aaff29f22cd74ec074f86
-
SHA1
208ae3e48d67b94cc8be7bbfd9341d373fa8a730
-
SHA256
a11703fd47d16020fa099a95bb4e46247d32cf8821dc1826e77a971cdd3c4c55
-
SHA512
6a50b525bc5d8eb008b1b0d704f9942f72f1413e65751e3de83d2e16ef3cf02ef171b9da3fff0d2d92a81daac7f61b379fcf7a393f46e914435f6261965a53b3
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Guna.UI2.dll
-
Size
2.1MB
-
MD5
d65fd6dbbd3c9ac74139aeaedc4a5816
-
SHA1
407ae10ccc8e19798bf75cb90b2150cb63a9db66
-
SHA256
84199a22c8669a39800272c3da0d969ec4e8d77d67b9d324ca049953a5042c71
-
SHA512
b8a99e88d49a6f9ff89339fa5acc9df8b59665d2ec22ccb4741e501bba6b280b00336906a637d8f071f86a4dcd68ca4ac86683e651466f084cb96d0e3152eddf
-
SSDEEP
49152:ClU6fD73waJnBA5lV8jldVmIgA5iKOvhn:ClU6vznglEldVmIJi/vt
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/NAudio.dll
-
Size
502KB
-
MD5
3b87d1363a45ce9368e9baec32c69466
-
SHA1
70a9f4df01d17060ec17df9528fca7026cc42935
-
SHA256
81b3f1dc3f1eac9762b8a292751a44b64b87d0d4c3982debfdd2621012186451
-
SHA512
1f07d3b041763b4bc31f6bd7b181deb8d34ff66ec666193932ffc460371adbcd4451483a99009b9b0b71f3864ed5c15c6c3b3777fabeb76f9918c726c35eb7d7
-
SSDEEP
6144:96/i10SZtfzWctj98vZcE0wmLlaIZs5eku2sX2hrjAzvgmXa6W9FwsT9idwktQZG:9yrSKMJR9aGs55T1X9Fwspi2tGpmS
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/7zip.dll
-
Size
1.3MB
-
MD5
de03ce2ff4d7f7625352a8c4b44f3196
-
SHA1
357d3d42fccea225277810d28a43c17ab5dbf3a5
-
SHA256
201b8405af13e843b30f4cb96961286b11114729a75e9388e2bd717785f95261
-
SHA512
675d230cd3c28d1b66aa24dc5966cebee426dd85d75775c29e4e61373019456f3d66dab6a2706132d32cd37aed366f00ebe9ce6ae80f31963e02bbf67e0a530e
-
SSDEEP
24576:u0/LsiV9P+XbiDmHzsvTK6BN2TBQLge+ErnuIAr24sNhHXZ:ucLsk9Pk6gAK6BN2NQUe+ErnuVqjNhHX
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/ACTWindows.dll
-
Size
10KB
-
MD5
b421c1a1915efd31250603caf98a6efa
-
SHA1
9c54fffa90dc39ed9a63dd405644ca3679c543e8
-
SHA256
1c921e95d1f35e9aeba1d544362268bd1ac77a1006c215abeb6da9e041b3dee4
-
SHA512
c6c99379e87fa4108307ce61eaaf1143d4d04c09ca3e8e13cd89b3e3ae3c01e3e641cdf6f9f414001705acb54b3a4bd615bf313764b62fe0f60286b6f8ab27e0
-
SSDEEP
192:xEioKRFQer7v67Y85ZIwI71tHThIW1PnyWVSBQMLuTF:+ibRFv8DIbtHTrnyWVSQTF
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/AskUAC.dll
-
Size
9KB
-
MD5
4a76da7ba432413e023cc2daef5f73b4
-
SHA1
c4261cde5160753afba76604e6b71cfc1d95b58d
-
SHA256
742625b8c8e1ad522dde95931102926aa7f806657879705b4fccaf36614d8d77
-
SHA512
b43d50ee1385ba9b0e3d712f8e64b7ba4d634fdd9e8927cc330c71d34aae97f66291172cc713176206e0b2bbfeadff34ca5aa0605aa71a00db3434ebaa555bf3
-
SSDEEP
192:mH563sg1GON8bIsgyBTkIW1Pn/KiVawMLOQ:mpFQ8bWyBTun/KwaAQ
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/BSOD.dll
-
Size
9KB
-
MD5
e82a0b53c1a19276e006db45bea7de6a
-
SHA1
3e5ff9be31351de44b4fc633e3d9d19aaecee967
-
SHA256
3980b827732c01092e7b11b8c1dfecbed4bff66a5e977bcb1c8d9ab14b4ef5b7
-
SHA512
434c4d81726f4dc1492168bfe3e5761838b2ba457ba4f4e7fe4bd9e9c42287842860688864e1f07a5188fc1fa671d5f76bf851d31072844f6e3342f3a64bc798
-
SSDEEP
192:kJeGXJtrAeCwGv1GOq11ZTXIW1vnbcgpyAFTLOe:k5ZtrA3C9ZTlnb7pyAUe
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/BlankScreen.dll
-
Size
9KB
-
MD5
b9d4b5254e5647fdf8236e890d29810a
-
SHA1
93220a47529f7b0a9181c72481f81f366c211ac7
-
SHA256
033e790e1cb99781d3d9710553e74de6a3c5e9765eca6c717b23c515708e86a7
-
SHA512
33be9e0e4bfa8851b1fa389da59b2ed75d8852e8a6cf2b7a410d910578167ce50c917bab2ac264daafa65b0d1f3727a358bea1a01faa71790fab037131c55548
-
SSDEEP
192:ezfcER2CRuTzi9fTGOlF1LATWEIW1PnaiwpM4QLOBk:ocG2cS+UTWOnaiwpMCG
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Bookmarks.dll
-
Size
28KB
-
MD5
37de3820cfee60eeacbc1700fcc966fb
-
SHA1
5d85967609218b3df136aac0096383075cd5bddf
-
SHA256
83e61cafed75d7d799f4cc7b1e91c3b0c8785ce97a9dd8528a34ef2f8003ec9a
-
SHA512
ac4a0b26a7c9d939eae399fb1a0ed575d64ef769f0cd6026e6f12f4ec9d472cb105765320e8e3a5bb06c142ce2143be697cda4234e74cc5127cafe73755cc70f
-
SSDEEP
768:S6s1GRoX8l3E0edaVGMKFK2D3Vbuw1z9ruOc2GkYCrB9gB:U8kMR2D3Vb9ruOc2GktB9gB
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Bot.dll
-
Size
10KB
-
MD5
2cf7d3e1ec1b9f2d906b191df52802a1
-
SHA1
74168f86a77444e394fba5b5605153e099917cd3
-
SHA256
ce5bce27f2a2b1d1e2fd52dbcf94b4d1f3ed133f491fabf8b80f1f6978c5552e
-
SHA512
327bcce5b2e921615abde17cdfe4572e54f3e4c79f0f08bc314c8e891460a90c4d407db3c1c6b27d02555c0a81e02afa39c98d071121ab71449507b1b87113d6
-
SSDEEP
192:psFxWDh8iTEeo1EIpHRfoH1GO+0A5WgycT/IW1U9y/L2fqvVWMLW+:CqhDEdThUwn5hycTi9y/L2fqvVG+
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Chat.dll
-
Size
18KB
-
MD5
181599ac647dcaac9bee9be73e40501d
-
SHA1
fced4627ecc0f8172af1a34e54d226311b54634b
-
SHA256
29bf5ad7420bf165b555970a15b94b93f9dd288df87a66327022ff9602bccd8e
-
SHA512
1c835a6749caa39ad9188cda2c6629f2b78adb8388b4010e09e9ad5b326c137c237448006339b6c8ba9d6310bcde06bfb0a3e1ae72f14acca485f9a5bf363e40
-
SSDEEP
384:qL6SP+OzVEbK6LcuTKQt0InoIInfUUWRfE:M6SP+OBOKmcmqIInfUXm
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Chromium.dll
-
Size
32KB
-
MD5
34f049112ea43d6cee9ea124282854f5
-
SHA1
f0ff219107853d5d82f74603f1077d4f4c1c8317
-
SHA256
ec15606129c31d519b6752d3567b1b2603efe877938443707080c05abaa161e5
-
SHA512
7b2947529d1f558ba4c54414b58b5f81cfb6fea8181879ec8cdcc2df9c3bff9d1f96a5d79a4191e02dcfb2be132fff39c6dd62283aabe72c3f7254e550e1175a
-
SSDEEP
768:xGW9spcK+tRAj0xtaqPXvYXP0vzAqaVh6wB3Zs/Yx/3:xGW9jZ2j0xtaqPvYXP4AqQh6Y1
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Clipboard.dll
-
Size
9KB
-
MD5
9681d56abcdd302dc435e865d4375df2
-
SHA1
77fa370dbebdd13b18dc6f41f86d2dd64379ee75
-
SHA256
75b37e44ec0d76cc4862de45f69f362499e7707b3fc0ed03c4b68b04a505ed43
-
SHA512
1e19afed9b96ae122faa34fdd04a79c9e65270f944992b33aa8a2f894847f01c7fe533c338574367ca8ea5ac0f57c291839e17fa97ecd8d972800b637c5efb54
-
SSDEEP
192:zPNE2c1og86hRlfOHdv1TLxIW1Pn/+97RML22nU:zFEl1og86RktTLbn/+9NeU
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Clipper.dll
-
Size
10KB
-
MD5
a91c4c459bfc493552b37cd6ad79eb4e
-
SHA1
0147792b9c5c21b9a1e68f098803ad7d6876c6fa
-
SHA256
3087f4c71222172069ffc441a2aca41785562a92260e6fca813a576a8e104fdc
-
SHA512
6932b326312501c82f0be5ed8fc22d659fbb008ba66087186e814a23b8d31b21f058a4d3226cc6569b713e9e4dc3e8cb535ec1edb395cb5c4548e573252a588e
-
SSDEEP
192:nfxgo6FiR3r9UdNltsOIO/dQ1GiMIW1Pbe/nPA8/YjNMLOi:nCFar+dN/IEuGiWi/nPA8/8Hi
-
Score
1/10
-
-
Target
XWorm-RAT-main/XWorm RAT V2.1/Plugins/Cmstp-Bypass.dll
-
Size
11KB
-
MD5
b6168619969011ef036cced5e6d2bb88
-
SHA1
a69ffe4f8f41040ca839772e334d11147965e00e
-
SHA256
995e755827bf8c1908e64d40a7851e05706b89e41dee63037e5c4be0b61f113e
-
SHA512
d43890212684841982cb180b246c776b4499f5c3b3d285f87b572a369553023899642cb70faeea2dc1d9f2eec99773d395b6573397d20aae18b685d24cffc7f6
-
SSDEEP
192:fZCBkF2mSmZbBYBIpN4YeTysxIGOyv4Bb9akegyaTRIW1vr/uTDFs5GATLec7hH0:fYM2mNOBI/UysxZ/QBbUkZyaTjr/6YGY
-
Score
1/10