xworm | 04cfe85ad9f84a7bb65c39ed40e209fdd61f3a3cb52d0606a9fc41f780a2ba1f | Triage

Submit
Reports

Overview

overview

Static

static

XClient.exe

windows7-x64

XClient.exe

windows10-2004-x64

Sharing

General

Target

XClient.exe
Size

33KB
Sample

241117-tfwv1sxqbr
MD5

f869f9d64a8a01aff088f8c830a477dc
SHA1

0e8af0081201e0d423abc29ae6f2cd948c12ba97
SHA256

04cfe85ad9f84a7bb65c39ed40e209fdd61f3a3cb52d0606a9fc41f780a2ba1f
SHA512

0da21ecb4896f716b1fb3b3e8813eb268aabd84f1e51f29c24fc6b8349ccfbd377d957828b437882d5ef65c654001f25a65259777ecd18980cdd0116afde876c
SSDEEP

384:Cl8UlK/V9FoBZ9aZV0NLx7o92lKZaJZvf/95ApkFy7BLT/OZwpGmTv99IkcisOHh:qO/VMOGxwgJZvn9dFyJ9FoOjh4Jy

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XClient.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

XClient.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

sep-framing.gl.at.ply.gg:61526

Mutex

wCIHQbYCz8ryLWwh

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XClient.exe
- Size
  
  33KB
- MD5
  
  f869f9d64a8a01aff088f8c830a477dc
- SHA1
  
  0e8af0081201e0d423abc29ae6f2cd948c12ba97
- SHA256
  
  04cfe85ad9f84a7bb65c39ed40e209fdd61f3a3cb52d0606a9fc41f780a2ba1f
- SHA512
  
  0da21ecb4896f716b1fb3b3e8813eb268aabd84f1e51f29c24fc6b8349ccfbd377d957828b437882d5ef65c654001f25a65259777ecd18980cdd0116afde876c
- SSDEEP
  
  384:Cl8UlK/V9FoBZ9aZV0NLx7o92lKZaJZvf/95ApkFy7BLT/OZwpGmTv99IkcisOHh:qO/VMOGxwgJZvn9dFyJ9FoOjh4Jy
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy