Resubmissions
18-11-2024 05:21
241118-f11stazdrk 10General
-
Target
XWorm.rar
-
Size
59.1MB
-
Sample
241118-f11stazdrk
-
MD5
6ec728dd292a8e1f39cd6baea415ff66
-
SHA1
e1103f0af9d27f5c56667d98a36dd40ab5ec8392
-
SHA256
c03c2ec5ef0958a61a913e2bfb80a420a030f579858cc203b3d2bc3b938400cd
-
SHA512
ffc584bfb586e7c123f5e7c153fd9e9187e7010e7b4bce9ae590c05961bbbfa46b4c2f25ded830626e30aea919cec31f7026ccf699510f8cccb1921507829a40
-
SSDEEP
1572864:c3UGEBh79oS6ea3nG8zWxYKClanZV79oS6eaqAHRvr:QEBhxb6eaxixDnZVxb6eaFJ
Malware Config
Targets
-
-
Target
XWorm/XWorm V5.1/Plugins/Pastime.dll
-
Size
17KB
-
MD5
3ce2798e9b1eab7bb6bb1b3fd05b9d76
-
SHA1
158381fc7878eb05165f7366f19ff31fba430ce7
-
SHA256
875c1962bf11cf5f2028e0ef4f4bcc3daaf76580e238314bbf4e86cdffb6ada8
-
SHA512
00db6270b743f84522bf172737fb9a6ebe0572d190cfaba6e1d044846d6adc7c73db2b364aea97589d4928ca51186efe54a755a63fbe7b6825b9440b5cb1bacf
-
SSDEEP
384:CEoxsRLvyUi4U4R7XonhJAH+epi5zOY7//Zl/sA8/fT1:CEoKVvri4UA7YnEnwr/UA8/fh
Score3/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/Performance.dll
-
Size
15KB
-
MD5
87e355ce53c21af0c7e99e409cda1030
-
SHA1
fb92f0ac5608a1975ef4c6c9c909bda242d1ea57
-
SHA256
0b5ce04c01a60c7e22dcdb787e1b531e9ed21fc085a590bc1b12ffaf2139f51f
-
SHA512
f8621221aacb23e34d1b5f87e06f3692d9d5c3d378e2849af25ae1ed4dde543d548626bb3c6f209a453b9b073f00947016e7f918fb443513b4d64f9561f2a79a
-
SSDEEP
192:hHGK+5+m2XJkHfeDJtmTSCWtv2l4KO+YAgVTgw1qD92B6IW1xxHHd7OVpu7IUSLe:4ywst3c1mTgOw2QxH97OVpuUqR
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/ProcessManager.dll
-
Size
17KB
-
MD5
eb4f3ba934cf42c45f564071c843db19
-
SHA1
da69dab6c42295c3f44bc36cca37803e13aa8535
-
SHA256
e068a0e8e15e3d329929bf365483136e7f0eb2a60f1deac9eadb7b2628813d7b
-
SHA512
31c9ff22ed50aa6df704b63843bddb11db712259dd61cd7ba3bfda89ce79612f3b9a9b4e839083bca19fe1fe0e51d54928799fc9f6f62517e3cfd3e685a6980e
-
SSDEEP
384:CdfDSm8iGh5I84ZQsCH97/Y5gLCEYptkpnrDhwK4TkAvfsxfZLnVb:CdfDV8iwmyhlYlTkAv0H
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/Programs.dll
-
Size
13KB
-
MD5
6078a9d99bda1baea4278c58e8c2d770
-
SHA1
739e812a578e9824a2e2f995e309fc951a7c9c4c
-
SHA256
6b51fc64e9ad16c34249ee1e17011115832482b3f11e2abaf45fc3914d6990b0
-
SHA512
ba6ce606eb04bc6293c9ffe781df502f6f9468515a9d6311a8a3a71f4643f83fde3055ffebf9f80e14a7bcdb5559f3d8f2f5d369a519fa4b7252c55041157ebe
-
SSDEEP
384:8A3FIPiu78UTyGS7dnTu5lYTX/1gTEedNtb:8A3Mr78UTy5BTp/1lKn
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/Ransomware.dll
-
Size
20KB
-
MD5
40e74e4d7e20c67b63b928e6e2dcb5b9
-
SHA1
d8f21a676f9bbe875f285d500ad282bdc9bbe611
-
SHA256
f5c148b2b5562c5317ba4ff7660176303ad517a8f41d3ce61d4fda28b38f529f
-
SHA512
445a8378c2f1f483430a5a4d7ce7c50d932d54c67f553c08216545ff1cee071619484f399103c5194c86ba8e8b3a2cb06785e5c94379ca5a39512d1896c8c9a2
-
SSDEEP
384:hVSO27QJHvpebFn0LC9Tk7ff2ji+ZMuqI+sHY4k7EFeEDuQZh:hVm7Q1vpebF0LC9TqH2Mj7Utqg
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/Recovery.dll
-
Size
1.1MB
-
MD5
d143dd13436ea071cfffa0355d94c835
-
SHA1
c726d0a1ec3285cc2bb659eabc3811e7f4c0a29c
-
SHA256
03911e6b4e99f2d2b3db157f63404ae1710ed244b5e14922191766b2c3db6489
-
SHA512
289194267f580a00aa6bedfdc070cd4f4dc4d848f5f1a7f51c765b3ebe3ae9a696428dbcac29e378357e6bd58316a6c1b19202bbb1443a5e0cd698ca5ec09828
-
SSDEEP
12288:Q2uX3iDoOeiWYcW3GFNFfcaFeFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchc:rNeiWYtc/5/jbOE8ULrVmCCo
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/Regedit.dll
-
Size
15KB
-
MD5
9530a91925d914607c0df9ed955a83e5
-
SHA1
fba975a820fc6b1c9ea03af5be1c4197952e2b96
-
SHA256
6a855b5bc322108918df5b9a555639d497293f4b0348a89ad34a58cd8f79d9d5
-
SHA512
2414b1754ae38e2f0d8ba167f76729427190f0f7043f155e4ce51943a3edf5e60ab9c162c8d47f3e30cd6e652c535e0e3258c1ade1a24c7ebf857d7eb834353a
-
SSDEEP
384:tAk743gHOThJ1ACZMDqYpmewuYvpYrQrfOr9A8/Pj9eZ:tAY4t1AyMD6zY0iA8/P8
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/RemoteDesktop.dll
-
Size
18KB
-
MD5
c8ddc4ebead0acb3e08cfdc419668940
-
SHA1
4f5bc5ab42b412141ac53255e60604659a30e7d0
-
SHA256
87a7936a734dffb443cec78d24052a23b22003279002d247f46f1411e9f771c8
-
SHA512
0e3c7657b1dd9108e86bf36c8d83a1edea56190205bf3b14106fde2ba710def47c3edb10b009dcb7e320dd7ef7bab82e7332baa4ce7fc876c387079f1a801293
-
SSDEEP
384:rcDEKdGoIrxAsQhdBdtKSbjt9l/C6m5YxBQbqJtjS2:rc4V3x5EdBuOJBsSjZ
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/ReverseProxy.dll
-
Size
16KB
-
MD5
cd609d63448251132f2248f5cfbc0cc9
-
SHA1
250b7b4ae13dfb99393ea923fadb0e458482fb33
-
SHA256
94843761eb8100fab4b689d432a37f72661bfdd0ca1758f1c3ba0d22446e0db2
-
SHA512
87f3a4a956a0475942ee00283b01755c48d4edd80b08908ead982a7e812f149a2a5ad75536fcca2b3adf890869006568b15a7c0f848e86a7b3db42e2e18d7138
-
SSDEEP
384:GxhzLf8ZkYXVgUzTNnrYFXoRFlS9gPCD:Gxhk+YXdfEoRFQ9gPc
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/RunPE.dll
-
Size
11KB
-
MD5
a1d0f909db90570717e8c574ef2957e0
-
SHA1
ecb55d0ce7b22f01b48be09644981837f03ccb66
-
SHA256
0920f5b8edb560797075c406a375a598cfb0510d74cc3aafd32858d57f94192b
-
SHA512
d08522d47f0309da756875bece23bdfab68dcd623cea1c6f620527ba6726e1c58a704cd40df8b40a5189656aea04997f3ead1edafcdfc968ab0b60dca17fca7a
-
SSDEEP
192:Cbfqh94qP9XFw3l+JNGGOueq1JtSnIW1fUseypo7SLOYN:CbChWqPj5jJtGUseypoHYN
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/ServiceManager.dll
-
Size
14KB
-
MD5
5229243ed10457119751de714677fefa
-
SHA1
954a3c4160dacf6ec1c8ae8dba4769a50750ef1d
-
SHA256
b60b683e8faac11a79203778b274986b95ffe037727c3cdb97a9556cf827602a
-
SHA512
e5036d85ec2d611755d88bf6fed4fc239f7e54a3ac8c26724c654a282621e0e28ec27ded55a8e269397a4a7f7f7825eb55ed465a2f13e2127465ac604bfd5b4d
-
SSDEEP
384:IQ7lIxrn2dEda+RWUtTZ5nYsSh8ZZUwJjm:IQhIVn2dEdZ9+h8ZZ9
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/Shell.dll
-
Size
15KB
-
MD5
ea4847b1f5869f7ee2b83b8ab05c6aa5
-
SHA1
855eb009a1c4805c913f4c4b19d34b608bc915b7
-
SHA256
4ca1a76b8fb1ceee3e98cf76009254437415ffd0b0912241b66aaa5c1778b4fb
-
SHA512
e927b6454ddca9f0769111cb041e413c566d064d08e53f21128795be3f00268a777cd630c6c27da7b70f6865ba44f8d5c3c2caa5d028904d1bed615657d57b12
-
SSDEEP
192:tk/C8fflArGr0J4z4sCS2IictD3ROFBLggT051i9Yd6IW1OU1buo2XR1F5cLW8:581ArGmlS2IRtVUXT0HoYpU1bR2xx8
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/StartupManager.dll
-
Size
189KB
-
MD5
b038c80c5415ab7d1d6ccb6f17693b60
-
SHA1
7c78d86bd41da81e535701aee0a26aded5232123
-
SHA256
35d2cb631980ae59d64dbc3cca141487eb855258a92c36caa2ca66cda9a0cd62
-
SHA512
6d40cf6ac9913ab51135dc62a1bcedb20a36c8e1a3826a03271d3b843436b1273853f40ec91212b811d2695de79a914a19f97dd0d3112c19d4048091049704b9
-
SSDEEP
3072:w2rExorpMoREHBAnpK37nXs83+oQvN74Syoh20K7SAgmRHHLzp+oI:wqrZv8mmgmRnfp
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/Stealer.dll
-
Size
3.3MB
-
MD5
8b191325ca71e3c25025cf01787df6fd
-
SHA1
609c5511a2f95d235c08bf9b8c89d367c55379f8
-
SHA256
2a2372a977ba9bf12438c9b8e9557f9fb9fe33586b05e62302ba217f3359b3cb
-
SHA512
882ddb5dcf4371cb2169edd8d63729e6f1a979957e120b46f009dd5407cf5f1063301b29e2ae4dbb3035493449b94ff1cbd024873799baef105bdaf0ed0286f9
-
SSDEEP
49152:GVbwgxmbsO2B7wKOfpUL6GbriHeGAb4TkyNejjASqE08:GVbFxmbsO2B7wKOxZSf
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/TCPConnections.dll
-
Size
16KB
-
MD5
e3ed1afe1f8fd7745ce8419a353b7500
-
SHA1
59a6aec16969f546772876a101ff09b503e58f0b
-
SHA256
be49f6452b73ce3168e776ed64a9826f794e80d218faf49d093389889a149c11
-
SHA512
8279d59a816439618fc7b6eec2892911e81c5e917bbdc8a75dbfb4eda64856a6b0e75582b71477961d04abe9d8008583876433f93d330f309b57972943adc9b4
-
SSDEEP
192:DKo8pevV3pE6vGvyj2T/Qfpp/dv/f2OtyEox0GTeA19Z/J6IW1Gz/tZYCKKIxLWz:v8pevfvGvmxhD2wyzTeej/Zz/ZNLv
Score1/10 -
-
-
Target
XWorm/XWorm V5.1/Plugins/UACBypass.dll
-
Size
10KB
-
MD5
79ded5e1a6313ac45450a8ea9fe5205a
-
SHA1
31249393b18927d6c4f809f99a9fb6949d8c6b75
-
SHA256
6a8785acdffdf6a1fc18b0c19e5d427388831d16225201d50b2a4113ed4ae86b
-
SHA512
22a845a4ca19c6505fbea3601cd3cc4f88161b7dcd597971f206c3c109f1dc77270b0f506acba7df8eb275def87b1c3d3b205ca0d825011234cace1deb61e729
-
SSDEEP
192:fcq0WYKDFxDviOGOko8bZfmgyOYkIW1UZ/Xvjljw2rgiSL20V:fntNFxOrE8bLyOYBZ/XTrgU0V
Score1/10 -