xworm | 2c524e8d66efbb3ab6918c97a21cb8a2a5b4ae3cec3e29212384597c56c1f1b8 | Triage

Submit
Reports

Overview

overview

Static

static

COuRt.exe

windows7-x64

COuRt.exe

windows10-2004-x64

Sharing

General

Target

COuRt.exe
Size

33KB
Sample

241117-r3wgna1ngs
MD5

6288b5d55cae147b10d8116d0a103f61
SHA1

5d6ebbffbfbc5e7a9e773051b66957b079d57e79
SHA256

2c524e8d66efbb3ab6918c97a21cb8a2a5b4ae3cec3e29212384597c56c1f1b8
SHA512

96f440e75817e3623c4771389559eecb5bb093e92a3ad0b764963ca648ffeaee58f08943939f10901d7deb40b8f1aa97df01402e4689b0323fd72070fa67cbbd
SSDEEP

384:kl+PkjD9+E5MFs7iui8L7zdM42pfL3iB7OxVqW9SRApkFXBLTsOZwpGN2v99Ikuv:Q+CD93W03C42JiB70qVF49jWBOjhEbv

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

COuRt.exe

Resource

win7-20240729-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

COuRt.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

six-usb.gl.at.ply.gg:49722

Mutex

Ph531DZXeuDBo12H

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  COuRt.exe
- Size
  
  33KB
- MD5
  
  6288b5d55cae147b10d8116d0a103f61
- SHA1
  
  5d6ebbffbfbc5e7a9e773051b66957b079d57e79
- SHA256
  
  2c524e8d66efbb3ab6918c97a21cb8a2a5b4ae3cec3e29212384597c56c1f1b8
- SHA512
  
  96f440e75817e3623c4771389559eecb5bb093e92a3ad0b764963ca648ffeaee58f08943939f10901d7deb40b8f1aa97df01402e4689b0323fd72070fa67cbbd
- SSDEEP
  
  384:kl+PkjD9+E5MFs7iui8L7zdM42pfL3iB7OxVqW9SRApkFXBLTsOZwpGN2v99Ikuv:Q+CD93W03C42JiB70qVF49jWBOjhEbv
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy