xworm | 8a64168a70be9147486da40573ecb300a8427c019b82169c58eae4b3e0d94ac7 | Triage

Submit
Reports

Overview

overview

Static

static

XClient4.exe

windows7-x64

XClient4.exe

windows10-2004-x64

Sharing

General

Target

XClient4.exe
Size

33KB
Sample

241106-x91ylsymgp
MD5

7ce0316f7dc2e0d59f7274bdc18aa566
SHA1

3e8bae2ebcb5ba258634f5e31e6479ac31760147
SHA256

8a64168a70be9147486da40573ecb300a8427c019b82169c58eae4b3e0d94ac7
SHA512

d933b193c14986067c5ff30a8bd41c702f849afffe755398064bf88e162121f042da2e78ecf4acbf7e6a5de86ac1271bc612db8c4cbc6f5b4efc26153363a531
SSDEEP

768:+4fK1pDGkptwyZScCBSUapNgqlDU/fZl+BcgN7AlTF59iBO9hHS8Rf:ODGkptwyZScCkU4rNUXZcB5N7QF59iB6

Score

10^/10

xworm discovery rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XClient4.exe

Resource

win7-20241010-en

xworm discovery rat trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

XClient4.exe

Resource

win10v2004-20241007-en

xworm discovery rat trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.1

C2

celex-35359.portmap.host:35359

Mutex

7GxIsOHgvkeBSkzn

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XClient4.exe
- Size
  
  33KB
- MD5
  
  7ce0316f7dc2e0d59f7274bdc18aa566
- SHA1
  
  3e8bae2ebcb5ba258634f5e31e6479ac31760147
- SHA256
  
  8a64168a70be9147486da40573ecb300a8427c019b82169c58eae4b3e0d94ac7
- SHA512
  
  d933b193c14986067c5ff30a8bd41c702f849afffe755398064bf88e162121f042da2e78ecf4acbf7e6a5de86ac1271bc612db8c4cbc6f5b4efc26153363a531
- SSDEEP
  
  768:+4fK1pDGkptwyZScCBSUapNgqlDU/fZl+BcgN7AlTF59iBO9hHS8Rf:ODGkptwyZScCkU4rNUXZcB5N7QF59iB6
Score

10^/10

xworm discovery rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xwormdiscoveryrattrojan

behavioral2

xwormdiscoveryrattrojan

© 2018-2025

Terms | Privacy