xworm | 6edb184cd11c0d4480c3f2c7d962ca49834abd62f8a674863ee3179962658f9f | Triage

Submit
Reports

Overview

overview

Static

static

yltr.exe

windows7-x64

yltr.exe

windows10-2004-x64

Sharing

General

Target

yltr.exe
Size

33KB
Sample

241114-tp1wbsvldl
MD5

631e418d348797555ab28626ffb0dd88
SHA1

460054a2f9052ddb9c53a1fdfe71d5dda9e18e48
SHA256

6edb184cd11c0d4480c3f2c7d962ca49834abd62f8a674863ee3179962658f9f
SHA512

a8e72715a7a9cad22056c7a671c41bdfed939df8b1f21db4cfb496c4f4f23b4e123337ada4cfc700819cc7b870ab229749f06cf22a2e6768cda5b122d752037c
SSDEEP

768:9XGQHJVcAiwkFwhqimZoVFY9jZrOjhNbw:5GQH9kSTm0FY9jROjvM

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

yltr.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

yltr.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

yourself-member.gl.at.ply.gg:51770

yourself-member.gl.at.ply.gg:51770:51770

Mutex

bzs7cQqZHSIu8YKv

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  yltr.exe
- Size
  
  33KB
- MD5
  
  631e418d348797555ab28626ffb0dd88
- SHA1
  
  460054a2f9052ddb9c53a1fdfe71d5dda9e18e48
- SHA256
  
  6edb184cd11c0d4480c3f2c7d962ca49834abd62f8a674863ee3179962658f9f
- SHA512
  
  a8e72715a7a9cad22056c7a671c41bdfed939df8b1f21db4cfb496c4f4f23b4e123337ada4cfc700819cc7b870ab229749f06cf22a2e6768cda5b122d752037c
- SSDEEP
  
  768:9XGQHJVcAiwkFwhqimZoVFY9jZrOjhNbw:5GQH9kSTm0FY9jROjvM
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy