xworm | a5976230b3e5d8efc40dea84c992209fccee38c06c310ee881cd8d1b0872ed0e | Triage

Submit
Reports

Overview

overview

Static

static

132.exe

windows10-ltsc 2021-x64

Sharing

General

Target

132.exe
Size

56KB
Sample

241115-cx9prsxdkb
MD5

1bc4e67e8e5636713df1be6d4c821343
SHA1

ab2e070e4a1e70ff33e2a17c0ce17eb3e4b2823d
SHA256

a5976230b3e5d8efc40dea84c992209fccee38c06c310ee881cd8d1b0872ed0e
SHA512

fe032a075b5e13d6a1b1e3101c92b4330030d31f507f9bf4a3482f71d8670a3594ca93ce7ca809fd41f2a38d9b71eeb5faa036bcd9f2d97297e21aad05874be2
SSDEEP

1536:/gJbKVjEfb1fI50/igd7RzbnbGC79Obwu:IJIjWhfI50qg5RzbnJhObwu

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

132.exe

Resource

win10ltsc2021-20241023-en

xworm rat trojan

windows10-ltsc 2021-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.1

C2

147.185.221.19:26229

Attributes

Install_directory
%Public%
install_file
USB.exe

Targets

- Target
  
  132.exe
- Size
  
  56KB
- MD5
  
  1bc4e67e8e5636713df1be6d4c821343
- SHA1
  
  ab2e070e4a1e70ff33e2a17c0ce17eb3e4b2823d
- SHA256
  
  a5976230b3e5d8efc40dea84c992209fccee38c06c310ee881cd8d1b0872ed0e
- SHA512
  
  fe032a075b5e13d6a1b1e3101c92b4330030d31f507f9bf4a3482f71d8670a3594ca93ce7ca809fd41f2a38d9b71eeb5faa036bcd9f2d97297e21aad05874be2
- SSDEEP
  
  1536:/gJbKVjEfb1fI50/igd7RzbnbGC79Obwu:IJIjWhfI50qg5RzbnJhObwu
Score

10^/10

xworm rat trojan
- Contains code to disable Windows Defender
  A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Drops startup file
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy