General

  • Target

    rat.exe

  • Size

    41KB

  • MD5

    90890e801605d6dde75b8d8932be11fc

  • SHA1

    2f803316d93a44c26d9ef99b925141a5df0d743e

  • SHA256

    d49c82de605c049900ae22529606b25934819a619f9dbf09f4d5f425f70df625

  • SHA512

    52de00faa7ea783b50664079e96a7416c07b89a3785dc7bb57a51f36334b8ef266b54d84a142c209afc0b7be1eb2664943864b0b5dd4decc5f3f81a4b6893a64

  • SSDEEP

    768:umrJDweBDuOkScrbsN/x6GACAr43MxfJF5Pa9p+BA6iOwhp3/ibM:u0DwewicrbsN/YXRrNRF49IBA6iOwjaY

Score
10/10

Malware Config

Extracted

  • Family

    xworm

  • Version

    5.0

  • C2

    growth-planning.gl.at.ply.gg:48210

  • Mutex

    ylH0TKIOoxZbmH4u

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • rat.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

