xworm | 98bb8993b66cdc1bab7ea0c412a867bc5ad074c22ce5ac22d2bc96855ca1829f | Triage

Submit
Reports

Overview

overview

Static

static

98bb8993b6...9f.exe

windows7-x64

98bb8993b6...9f.exe

windows10-2004-x64

Sharing

General

Target

98bb8993b66cdc1bab7ea0c412a867bc5ad074c22ce5ac22d2bc96855ca1829f.exe
Size

70KB
Sample

241010-jy7ecs1hjg
MD5

4f99e5e92e4eb0d0fa2aa397d5860ce2
SHA1

4a22ad6d61ec0430f49addafbc10f0124d125c40
SHA256

98bb8993b66cdc1bab7ea0c412a867bc5ad074c22ce5ac22d2bc96855ca1829f
SHA512

b4e1002a1883f2849b89b0bb818b49d3a56e69ccb65d27cd571611fb7eac86dd0e3a14eb33249f629c3beb7f3bab0e39d968e67db44856abb061fa594610fc54
SSDEEP

1536:uhMvu8rbNS8Z5V4Dt9Brzp1IbRNoMOrk6gkVxOAzPFD1uPb:RwACXr0bRvoxOI9Dwj

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

98bb8993b66cdc1bab7ea0c412a867bc5ad074c22ce5ac22d2bc96855ca1829f.exe

Resource

win7-20240708-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

98bb8993b66cdc1bab7ea0c412a867bc5ad074c22ce5ac22d2bc96855ca1829f.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

147.185.221.18:14512

Attributes

Install_directory
%AppData%
install_file
SystemUser.exe

Targets

- Target
  
  98bb8993b66cdc1bab7ea0c412a867bc5ad074c22ce5ac22d2bc96855ca1829f.exe
- Size
  
  70KB
- MD5
  
  4f99e5e92e4eb0d0fa2aa397d5860ce2
- SHA1
  
  4a22ad6d61ec0430f49addafbc10f0124d125c40
- SHA256
  
  98bb8993b66cdc1bab7ea0c412a867bc5ad074c22ce5ac22d2bc96855ca1829f
- SHA512
  
  b4e1002a1883f2849b89b0bb818b49d3a56e69ccb65d27cd571611fb7eac86dd0e3a14eb33249f629c3beb7f3bab0e39d968e67db44856abb061fa594610fc54
- SSDEEP
  
  1536:uhMvu8rbNS8Z5V4Dt9Brzp1IbRNoMOrk6gkVxOAzPFD1uPb:RwACXr0bRvoxOI9Dwj
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy