63fe9f7d220d295e4e0df685b4f839d0dacd50953b3548efc66e75a1f287b112

Sharing

Copy URL

Twitter E-mail

General

Target

XWorm V3.0.rar
Size

24.3MB
Sample

240921-aa2drsvhkf
MD5

5e033f5a0f950a7b5560e8f24b251f50
SHA1

cb4eac72064e692c2e0489a457bb8afd12cc2eee
SHA256

63fe9f7d220d295e4e0df685b4f839d0dacd50953b3548efc66e75a1f287b112
SHA512

fdf52f10901d6a3c2ba0e8e011a989bd37f45ccdf65c00fe3955e1dc3b9fe165b80457f7ea1443f85e4f7a1e8eeb02a88366e4f2eb92ddfdc19ddbb3d5e8e3d1
SSDEEP

786432:iKc2+qMwTyNedROWmLrDvWWrx8PXEookJd2e1:iKc2I8IZPebJ1

Score

10^/10

Malware Config

Targets

- Target
  
  XWorm V3.0/NAudio.dll
- Size
  
  502KB
- MD5
  
  3b87d1363a45ce9368e9baec32c69466
- SHA1
  
  70a9f4df01d17060ec17df9528fca7026cc42935
- SHA256
  
  81b3f1dc3f1eac9762b8a292751a44b64b87d0d4c3982debfdd2621012186451
- SHA512
  
  1f07d3b041763b4bc31f6bd7b181deb8d34ff66ec666193932ffc460371adbcd4451483a99009b9b0b71f3864ed5c15c6c3b3777fabeb76f9918c726c35eb7d7
- SSDEEP
  
  6144:96/i10SZtfzWctj98vZcE0wmLlaIZs5eku2sX2hrjAzvgmXa6W9FwsT9idwktQZG:9yrSKMJR9aGs55T1X9Fwspi2tGpmS
Score

1^/10
behavioral1 behavioral2
- Target
  
  XWorm V3.0/Plugins/ActiveWindows.dll
- Size
  
  14KB
- MD5
  
  d45c2a95c5670074713be9e669e4d610
- SHA1
  
  96d26829b4ef8156eb5906f84535866f7f859203
- SHA256
  
  4263c50674c6ab64a9b5a1ad5e301628baa975e4c919d0c7767ec39adf4cbfe0
- SHA512
  
  e15a8fc7fa81ad1a6446db7c18494b2e4c15ab28844dbb77deadcae72064ed6bd6e08fe59604c27bd4e44ed059c1a424f322a753293d76bd574262aa31b9e3ea
- SSDEEP
  
  384:7qIGejCUccJeGCJWM2YFegdT8Ft0Y7XZ3W6DMz:7qIGeXcWrCJ+EtYZ3W6Du
Score

1^/10
behavioral3 behavioral4
- Target
  
  XWorm V3.0/Plugins/All-In-One.dll
- Size
  
  4.8MB
- MD5
  
  f21e73b79f9aec821c976b4fbae7225c
- SHA1
  
  7be974156ad16f23f4b91b47c380f8c3422a9863
- SHA256
  
  2987ef4a83e2c44a9abe57cdd9a4bc2b8cbaa01f6835c45cfce180b4d978982c
- SHA512
  
  476bdb0c6ac8703e467c51b90b23e45ab72a2e81652e3106732b69d9d299c277c0f9d308117cd338089d3578ebe73d12559b4300fda24d32ca7f1991827aa8df
- SSDEEP
  
  98304:pl19F9QORkChiDC9OtH7c2iwGxIvPBOw0JefVfQ2a5cFd4KssODtd:J9FPRkC8C9OH7c2ilInz0kfVo26Wsd
Score

1^/10
behavioral5 behavioral6
- Target
  
  XWorm V3.0/Plugins/Chat.dll
- Size
  
  18KB
- MD5
  
  c1a27e18603cdd587ae47e0e4b71c5f1
- SHA1
  
  9a8a3b938c0e4c79687750dbbd459ff3879c4c2f
- SHA256
  
  eef8fb30e32b48e1480a6131de34436c0a8efafcf807856fcebd618661b7a6c6
- SHA512
  
  53467107f6f0443854879d61135d73e04e387f9cc5e6ccd277732d582095eea9268d5ad6be1a8502421109ba77d86bb20d42efbe67b97d309b4c6c215b6575b9
- SSDEEP
  
  384:KeUeLD8aDbXCtSeEd3uq7uQZRHUrwTKvt0GIKoIkfiUWGfZ:MkbCtSeE5uq7uQYr0HIkfiX6
Score

1^/10
behavioral7 behavioral8
- Target
  
  XWorm V3.0/Plugins/Clipboard.dll
- Size
  
  14KB
- MD5
  
  b23bb3be1718e1aeefc3e822119692f9
- SHA1
  
  d4dabddf9b9d3f0b2adb86a3799f1cf9ec614d48
- SHA256
  
  5a70530748decb0c81fb9c912fd3d75d7d493fd67675bb7dbfe141c3fda15587
- SHA512
  
  d66697d97146148978aa5f46cc14232230e553842601cc0e3b0eaaf86f21e91f907153dc710405df7d1dc32d8120134886b29ec164738cef0fa7a827a2ae90a1
- SSDEEP
  
  192:KkAXyVpJlyIxlioHESRJ29u+6ZWSYASO3tOXXgNTen1i9iY6IW1mX/60/qAqEM7R:KkXVpuoHpMDfAR98STe1oi2X/6kMrwU
Score

1^/10
behavioral10 behavioral9
- Target
  
  XWorm V3.0/Plugins/FileManager.dll
- Size
  
  27KB
- MD5
  
  d2c7a574a9b9df92366a981761d494ba
- SHA1
  
  d7d6c4674eac54102e61331fc116ac5abebf42ee
- SHA256
  
  f13aa0515a65a4701269a57183884846417688d1476c7252291ac5bf7149746b
- SHA512
  
  a876da49f048fffb0dc522d4f7471b1c1076fda327d7ad0282162b749375dc13797300f51ccb0b5d2327d6b6f6e0f75f3204a83a4a384108f1e34b7a179b0ce0
- SSDEEP
  
  384:tp4K215dISbc/TY0mN1PGDQXSBJVYol/tF37enOAkxqb8cq/hsutzgk/b7oBxkSE:h21vWk0yPGsXAr7dtRKPb8V3emjC0b
Score

1^/10
behavioral11 behavioral12
- Target
  
  XWorm V3.0/Plugins/FileSeacher.dll
- Size
  
  478KB
- MD5
  
  21e5acae055bddd2ad584271d77f881e
- SHA1
  
  df3b8db334e5bce0597cea77a4770fad8d7db6fb
- SHA256
  
  557a215cec1a3df37da8a6798354e79a3a70f548f7955cfa43a2d75e1d037053
- SHA512
  
  52896aabc03595320370a1318749e899b451020f74cedc511b6daa618908bcaa4aee7d0b808a4df6721e2c1a4f93e2f84cea00179f0c7149dccbe6f155eb3dab
- SSDEEP
  
  6144:OPv5T5fIIC8W8XqeGtSV41QJDsTDDh0Yhe6dwxLV/vuhgS0mOdwcG:0nfIICLlS4Ys50ie6CfigSji
Score

1^/10
behavioral13 behavioral14
- Target
  
  XWorm V3.0/Plugins/HRDP.dll
- Size
  
  1.7MB
- MD5
  
  e8130166c9f0919f0c94f989898a26b2
- SHA1
  
  3611474d473bad7474f8bea8e3277652d72cd3b4
- SHA256
  
  7d4b0d5cc5f09f26183aa34468b78b083ddd895802a41273583f45202a9a618e
- SHA512
  
  a444b8945dec63fa64452408cb0f3f95d5b60330b74f927df7e16feedad08862d164381a137bf2a14c42af5fe9eaa6813c2f8d1d44fcbe570eec3b7cecf12a8d
- SSDEEP
  
  24576:UrKxoVT2iXc+IZ++6WiaTAsN/3ebTvK+63CWH8iA/iD2hgPjcC8SVdKumYr7:RHZ5pdqYH8ia6GcKuR7
Score

1^/10
behavioral15 behavioral16
- Target
  
  XWorm V3.0/Plugins/HVNC.dll
- Size
  
  57KB
- MD5
  
  cb5c8cd73ed161125e46bb455fe468b5
- SHA1
  
  2f5852f549262e0a5ee8e385c336e3d9860e3441
- SHA256
  
  3a17d1922ada241def8a14f9ac7a7789bf2b5dd4cc9045ed08f28546982c233d
- SHA512
  
  e6f26e61e8c75fa18d7b6e8800b07104f1314cd312d85b3d3d0db7f8d482bc4582a7237643d24308e0b7ccb5d779b666be6216b3364e6d0d7ee9aeeaa40394bd
- SSDEEP
  
  1536:uth/ecTkz12BWR7mmt+0d7tzGxh23tnc2/:2h/ejz12BWR78M7tCxh2hz/
Score

1^/10
behavioral17 behavioral18
- Target
  
  XWorm V3.0/Plugins/Informations.dll
- Size
  
  22KB
- MD5
  
  92ba1499b2547f0e38e26360f94101af
- SHA1
  
  71b9ac23eca1c0f50517631cffe59ec1950147b3
- SHA256
  
  0452d60d658a43929bf2d5bc049e2c57c2d61f58b6444bab88834c870305dfdf
- SHA512
  
  1106d4386cda5fe98736138e0e6a01fb2e234700a9e5ed61e2b6a59cdfc82cf82dc2486488944ad009ad34fb3a04b9894bd52fea52968741350b09c7975d4d9c
- SSDEEP
  
  384:4nQf5APE80e6vkD7RQQpOJXWn3TmoNhxJNSOFD4rfZ41:4nQfGPEOD7vcJKj3NSDZQ
Score

1^/10
behavioral19 behavioral20
- Target
  
  XWorm V3.0/Plugins/Keylogger.dll
- Size
  
  17KB
- MD5
  
  666290af0aade9cf9f377c5fdce9cba3
- SHA1
  
  d981466e4838b2bac54edf53548169124bdea145
- SHA256
  
  c2dc7f27304ad0b1a726b5784b030207b93765a8986c4a4f3999733097a4d43e
- SHA512
  
  23ccd8c1ea776a70637dad70ccea3f435d99c7465fe99a6d4f8f726f6c320081f5d7327f654bc0f7abf0389b6b95c55809f474c52ca2e3898e99efbe454e77d9
- SSDEEP
  
  192:tLCuLDdyxqvzfZ3ium13gyWacxv8ilNwOHLnq4UP1XPeDN6IW1Y6Up90KWi8Jlb0:EuDdYe0umJ6xfwEO4UNWD8Upt+5h6V
Score

1^/10
behavioral21 behavioral22
- Target
  
  XWorm V3.0/Plugins/Maps.dll
- Size
  
  15KB
- MD5
  
  fef310962c772bbce74c9d9dd3516803
- SHA1
  
  bc3923626417961059688730b464a10fe4eb6115
- SHA256
  
  b1699235a5ea07dd6516230309f6d94c697d6f9db96ac664dd269aa471a56dcc
- SHA512
  
  389ed724fbcb298e5e302166725ceef7067d85e5d71c0a11267717584906c328686110c19ab5b275ee075e1b88b294c9a072c9d3ddef76e0759c584862622bef
- SSDEEP
  
  192:5zW/qqmhqfohvEajSJz+5q6gn+jNq7gGte31HC9T6IW14X/bQeIY3t2vLOo2:KqqmhxvEajr53xgjteFi9BX/b3t1o2
Score

1^/10
behavioral23 behavioral24
- Target
  
  XWorm V3.0/Plugins/Microphone.dll
- Size
  
  540KB
- MD5
  
  563090381b43ef273e0dae20ada50d0d
- SHA1
  
  acd5271cf0f959c09d940733a92fc8ee0ed434a6
- SHA256
  
  b04ce7ba6ce58408b53ef7d4ef84866539727a76871cb09fef99314711aabb57
- SHA512
  
  f0f172b6591766f4e13b7df29c51674f84e80cd7c8317b305519b54f635605b96402764a04cc600024d3cca11c46b5e041692eba3ac919f8f63dd73e08ba37ec
- SSDEEP
  
  6144:1iwpFWBbjRTvqihWI1ElZT2J2CDt4azYPfb78+OmmN8fCgN8OQ9oYCY8gQNUyFJU:QkFWBxTvTWzlZSYXbg6TS4UYTPzeVzn
Score

1^/10
behavioral25 behavioral26
- Target
  
  XWorm V3.0/Plugins/Ngrok-Disk.dll
- Size
  
  7.0MB
- MD5
  
  e11f0adf9a1374112ee0b52ca41a2a9b
- SHA1
  
  23c742a1839800b4606fdb42f2baa9151876d894
- SHA256
  
  390f542854416819047e474e5c34ec39e80360cc8c69728d19e8d12732e932fc
- SHA512
  
  6acf4f3f888230aed388d31c0b2c52f6da0c1c31f4184e065511f07aee87757c6f101bbddb8d20d651b7e65d8c329fe871ffb5a4ceebb3ace928fd042a97307c
- SSDEEP
  
  196608:NCsxED7kwTV6B/nCR7+AA3e5MryK5Rj1Bpw7Vdjz8wEO+Dl:NTED7/VEqt/A3TryARj1BpwLktl
Score

1^/10
behavioral27 behavioral28
- Target
  
  XWorm V3.0/Plugins/Options.dll
- Size
  
  29KB
- MD5
  
  90a1c5c0d1cd88b6fe390278c93c4530
- SHA1
  
  b4bec20a1c53e8255518505709a8947dcf7e13aa
- SHA256
  
  035f48b413cf328ddf2bada1b6afd5698f9b8cddf2bcc0187a97629f1063c042
- SHA512
  
  ade19d4160bee947a0df9b5bc0ecb4976c1e4ba848e9360b978429fd94aa39a00016107d3daefdc795e45bcb3717c9673fdc543ef544b3e11d92ecfc473c71e8
- SSDEEP
  
  768:01fYFYWjF84UGEm3uGIKxbF/OfUs5Rd794kv:YfYFYWjUm3uabF/1s5Rd79R
Score

1^/10
behavioral29 behavioral30
- Target
  
  XWorm V3.0/Plugins/Pastime.dll
- Size
  
  17KB
- MD5
  
  787f48174c04f87346bdb09f5aff1d95
- SHA1
  
  18278dbb1102a3e0772c5661a51bef6f4965f688
- SHA256
  
  87baedbd864856f6fdd2ee4fb256842de326b1eea2f71a4fc1914402cdda1f07
- SHA512
  
  af26853c8372529f109220722045e2a920c5cb9dea5310e1f6fe7d30a8189c54725db743e228709bcef3e20b50325fed57089b044eb18164b4affdbc388fbe12
- SSDEEP
  
  384:KhzO/ClGe/9GGzHQl3HREpi5/mY7//AlxsA8/rHbx:kzO/CEe/9GGzHQxH+wH/xA8/rHt
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32