Overview
overview: 10
static: 10
XWorm V3.0/NAudio.dll (windows7-x64): 1
XWorm V3.0/NAudio.dll (windows10-2004-x64): 1
XWorm V3.0...ws.dll (windows7-x64): 1
XWorm V3.0...ws.dll (windows10-2004-x64): 1
XWorm V3.0...ne.dll (windows7-x64): 1
XWorm V3.0...ne.dll (windows10-2004-x64): 1
XWorm V3.0...at.dll (windows7-x64): 1
XWorm V3.0...at.dll (windows10-2004-x64): 1
XWorm V3.0...rd.dll (windows7-x64): 1
XWorm V3.0...rd.dll (windows10-2004-x64): 1
XWorm V3.0...er.dll (windows7-x64): 1
XWorm V3.0...er.dll (windows10-2004-x64): 1
XWorm V3.0...er.dll (windows7-x64): 1
XWorm V3.0...er.dll (windows10-2004-x64): 1
XWorm V3.0...DP.dll (windows7-x64): 1
XWorm V3.0...DP.dll (windows10-2004-x64): 1
XWorm V3.0...NC.dll (windows7-x64): 1
XWorm V3.0...NC.dll (windows10-2004-x64): 1
XWorm V3.0...ns.dll (windows7-x64): 1
XWorm V3.0...ns.dll (windows10-2004-x64): 1
XWorm V3.0...er.dll (windows7-x64): 1
XWorm V3.0...er.dll (windows10-2004-x64): 1
XWorm V3.0...ps.dll (windows7-x64): 1
XWorm V3.0...ps.dll (windows10-2004-x64): 1
XWorm V3.0...ne.dll (windows7-x64): 1
XWorm V3.0...ne.dll (windows10-2004-x64): 1
XWorm V3.0...sk.dll (windows7-x64): 1
XWorm V3.0...sk.dll (windows10-2004-x64): 1
XWorm V3.0...ns.dll (windows7-x64): 1
XWorm V3.0...ns.dll (windows10-2004-x64): 1
XWorm V3.0...me.dll (windows7-x64): 1
XWorm V3.0...me.dll (windows10-2004-x64): 1
Analysis
max time kernel: 94s
max time network: 96s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 21-09-2024 00:01
Static task: static1
Behavioral task behavioral1 - Sample: XWorm V3.0/NAudio.dll - Resource: win7-20240729-en
Behavioral task behavioral2 - Sample: XWorm V3.0/NAudio.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral3 - Sample: XWorm V3.0/Plugins/ActiveWindows.dll - Resource: win7-20240903-en
Behavioral task behavioral4 - Sample: XWorm V3.0/Plugins/ActiveWindows.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral5 - Sample: XWorm V3.0/Plugins/All-In-One.dll - Resource: win7-20240708-en
Behavioral task behavioral6 - Sample: XWorm V3.0/Plugins/All-In-One.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral7 - Sample: XWorm V3.0/Plugins/Chat.dll - Resource: win7-20240708-en
Behavioral task behavioral8 - Sample: XWorm V3.0/Plugins/Chat.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral9 - Sample: XWorm V3.0/Plugins/Clipboard.dll - Resource: win7-20240903-en
Behavioral task behavioral10 - Sample: XWorm V3.0/Plugins/Clipboard.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral11 - Sample: XWorm V3.0/Plugins/FileManager.dll - Resource: win7-20240708-en
Behavioral task behavioral12 - Sample: XWorm V3.0/Plugins/FileManager.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral13 - Sample: XWorm V3.0/Plugins/FileSeacher.dll - Resource: win7-20240903-en
Behavioral task behavioral14 - Sample: XWorm V3.0/Plugins/FileSeacher.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral15 - Sample: XWorm V3.0/Plugins/HRDP.dll - Resource: win7-20240903-en
Behavioral task behavioral16 - Sample: XWorm V3.0/Plugins/HRDP.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral17 - Sample: XWorm V3.0/Plugins/HVNC.dll - Resource: win7-20240903-en
Behavioral task behavioral18 - Sample: XWorm V3.0/Plugins/HVNC.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral19 - Sample: XWorm V3.0/Plugins/Informations.dll - Resource: win7-20240704-en
Behavioral task behavioral20 - Sample: XWorm V3.0/Plugins/Informations.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral21 - Sample: XWorm V3.0/Plugins/Keylogger.dll - Resource: win7-20240903-en
Behavioral task behavioral22 - Sample: XWorm V3.0/Plugins/Keylogger.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral23 - Sample: XWorm V3.0/Plugins/Maps.dll - Resource: win7-20240903-en
Behavioral task behavioral24 - Sample: XWorm V3.0/Plugins/Maps.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral25 - Sample: XWorm V3.0/Plugins/Microphone.dll - Resource: win7-20240708-en
Behavioral task behavioral26 - Sample: XWorm V3.0/Plugins/Microphone.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral27 - Sample: XWorm V3.0/Plugins/Ngrok-Disk.dll - Resource: win7-20240903-en
Behavioral task behavioral28 - Sample: XWorm V3.0/Plugins/Ngrok-Disk.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral29 - Sample: XWorm V3.0/Plugins/Options.dll - Resource: win7-20240903-en
Behavioral task behavioral30 - Sample: XWorm V3.0/Plugins/Options.dll - Resource: win10v2004-20240802-en
Behavioral task behavioral31 - Sample: XWorm V3.0/Plugins/Pastime.dll - Resource: win7-20240708-en
Behavioral task behavioral32 - Sample: XWorm V3.0/Plugins/Pastime.dll - Resource: win10v2004-20240802-en
General
Target: XWorm V3.0/Plugins/Options.dll
Size: 29KB
MD5: 90a1c5c0d1cd88b6fe390278c93c4530
SHA1: b4bec20a1c53e8255518505709a8947dcf7e13aa
SHA256: 035f48b413cf328ddf2bada1b6afd5698f9b8cddf2bcc0187a97629f1063c042
SHA512: ade19d4160bee947a0df9b5bc0ecb4976c1e4ba848e9360b978429fd94aa39a00016107d3daefdc795e45bcb3717c9673fdc543ef544b3e11d92ecfc473c71e8
SSDEEP: 768:01fYFYWjF84UGEm3uGIKxbF/OfUs5Rd794kv:YfYFYWjUm3uabF/1s5Rd79R
Malware Config
Signatures
Processes
Network