xworm | d612c870f9a514b4d8c0837a6128f7c341c3beb84bfe580312a63d58d34bf05a | Triage

Submit
Reports

Overview

overview

Static

static

2832-20-0x...ry.exe

windows7-x64

2832-20-0x...ry.exe

windows10-2004-x64

Sharing

General

Target

2832-20-0x0000000000650000-0x000000000066E000-memory.dmp
Size

120KB
Sample

241106-steyzstaqr
MD5

d551325ef873dba76488a6716eeba05d
SHA1

d125ce674d90a13edf438e60f9eb91c8fb7e773a
SHA256

d612c870f9a514b4d8c0837a6128f7c341c3beb84bfe580312a63d58d34bf05a
SHA512

4af917da2c304c98578422bbd953bdd28f2f2c19e354a48c9847e02764c76a78b93a99d5fc7b019e12898e055b2ab2afc6890904f231acd01afa56bd2c7df077
SSDEEP

3072:5JZkmOXW8RZCJvI4z66O+CN2b00FI9cf/:YRYJ92HN2b

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2832-20-0x0000000000650000-0x000000000066E000-memory.exe

Resource

win7-20241023-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2832-20-0x0000000000650000-0x000000000066E000-memory.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

66.154.103.135:4800

Mutex

rm4C0XC5aW9eGOEB

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  2832-20-0x0000000000650000-0x000000000066E000-memory.dmp
- Size
  
  120KB
- MD5
  
  d551325ef873dba76488a6716eeba05d
- SHA1
  
  d125ce674d90a13edf438e60f9eb91c8fb7e773a
- SHA256
  
  d612c870f9a514b4d8c0837a6128f7c341c3beb84bfe580312a63d58d34bf05a
- SHA512
  
  4af917da2c304c98578422bbd953bdd28f2f2c19e354a48c9847e02764c76a78b93a99d5fc7b019e12898e055b2ab2afc6890904f231acd01afa56bd2c7df077
- SSDEEP
  
  3072:5JZkmOXW8RZCJvI4z66O+CN2b00FI9cf/:YRYJ92HN2b
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy