xworm | e07cf3548d51bb01fc5eaa62ac40723b425f2a092553ae397b402952cfbd7f12 | Triage

Submit
Reports

Overview

overview

Static

static

e07cf3548d...2N.exe

windows7-x64

e07cf3548d...2N.exe

windows10-2004-x64

Sharing

General

Target

e07cf3548d51bb01fc5eaa62ac40723b425f2a092553ae397b402952cfbd7f12N
Size

40KB
Sample

241110-tpeyvszlax
MD5

186a08ac7b314ee4daae873ee6e06bc0
SHA1

711aaa1dca5db54d914587bfbc5ac84150c1ff26
SHA256

e07cf3548d51bb01fc5eaa62ac40723b425f2a092553ae397b402952cfbd7f12
SHA512

ada780135d0ca44cb90d5fbf646ac65a6aefb2d97cc9095a82f50a19954fe7dc953090cc79aba5242e696b8aa178fd4134fae4b1f9b242c60afb79376ccdda4d
SSDEEP

768:oxAMnhNNnAcU9atkEayDmxNi+BJF5Pt9OY3X6BOMhF3/J1:oxLJnAcUuJaF6YFD993X6BOMzb

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

e07cf3548d51bb01fc5eaa62ac40723b425f2a092553ae397b402952cfbd7f12N.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

5 signatures

120 seconds

Behavioral task

behavioral2

Sample

e07cf3548d51bb01fc5eaa62ac40723b425f2a092553ae397b402952cfbd7f12N.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

score-responding.gl.at.ply.gg:17538

Mutex

w38vggbXjK9JyQSb

Attributes

Install_directory
%AppData%
install_file
conhost.exe

aes.plain

Targets

- Target
  
  e07cf3548d51bb01fc5eaa62ac40723b425f2a092553ae397b402952cfbd7f12N
- Size
  
  40KB
- MD5
  
  186a08ac7b314ee4daae873ee6e06bc0
- SHA1
  
  711aaa1dca5db54d914587bfbc5ac84150c1ff26
- SHA256
  
  e07cf3548d51bb01fc5eaa62ac40723b425f2a092553ae397b402952cfbd7f12
- SHA512
  
  ada780135d0ca44cb90d5fbf646ac65a6aefb2d97cc9095a82f50a19954fe7dc953090cc79aba5242e696b8aa178fd4134fae4b1f9b242c60afb79376ccdda4d
- SSDEEP
  
  768:oxAMnhNNnAcU9atkEayDmxNi+BJF5Pt9OY3X6BOMhF3/J1:oxLJnAcUuJaF6YFD993X6BOMzb
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy