Overview

overview

10

Static

static

10

8034047719...7b.exe

windows7-x64

10

8034047719...7b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8034047719a42f4e2b6dc9301ad6d6dc6072f7a69203df22ecfe633f11b2ae7b.exe

  • Size

    99KB

  • Sample

    241109-dkf3csvpfy

  • MD5

    13a3a030bf41cda79b4dfa40393328c0

  • SHA1

    ec035165866b83cf821600efe152d9afff4d3a6e

  • SHA256

    8034047719a42f4e2b6dc9301ad6d6dc6072f7a69203df22ecfe633f11b2ae7b

  • SHA512

    99b8e9a9b71bc6596c316f45e040824b83fa81435aa966c556cc79b9550b48b8f7cc571e2354d58a0979d7a35f715840ae28cc4afc94c22da12f84863d9f3886

  • SSDEEP

    1536:g4hlqp8hIBRnSu4+cwQBUtFFqvRQFRWnMGEDNoAhBdtfPWklPBP3OS:HhTIBR/4xJBIw5ouEDmgdtfPHPN3OS

Score
10/10
xwormrattrojan

Malware Config

Extracted

Family

xworm

Version

3.1

C2

194.169.175.112:4404

Mutex

0VDEVqaa03SL6dGN

Attributes
  • install_file

    USB.exe

aes.plain

Targets

    • Target

      8034047719a42f4e2b6dc9301ad6d6dc6072f7a69203df22ecfe633f11b2ae7b.exe

    • Size

      99KB

    • MD5

      13a3a030bf41cda79b4dfa40393328c0

    • SHA1

      ec035165866b83cf821600efe152d9afff4d3a6e

    • SHA256

      8034047719a42f4e2b6dc9301ad6d6dc6072f7a69203df22ecfe633f11b2ae7b

    • SHA512

      99b8e9a9b71bc6596c316f45e040824b83fa81435aa966c556cc79b9550b48b8f7cc571e2354d58a0979d7a35f715840ae28cc4afc94c22da12f84863d9f3886

    • SSDEEP

      1536:g4hlqp8hIBRnSu4+cwQBUtFFqvRQFRWnMGEDNoAhBdtfPWklPBP3OS:HhTIBR/4xJBIw5ouEDmgdtfPHPN3OS

    Score
    10/10
    xwormrattrojan

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

      trojanratxworm

    • Xworm family

      xworm
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks