Overview

overview

10

Static

static

10

20428817e3...19.exe

windows7-x64

10

20428817e3...19.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20428817e336776e739fd2dafec5cd45e2b7c8ffabbbc840ac0fa2ce26b55019.exe

  • Size

    53KB

  • Sample

    241118-tcbqnszkbz

  • MD5

    bea6f99060a151da90864ae96d3d1a95

  • SHA1

    745cc417a866b7328f4e397b5a1eb879c6a192e4

  • SHA256

    20428817e336776e739fd2dafec5cd45e2b7c8ffabbbc840ac0fa2ce26b55019

  • SHA512

    0ec8e220ff4eae964415c4eb3ec556825332c2b53dbf3fd8e9700ec32ee16436fdedb21d1d45dbe84bea1c884adc1329eada55c401ee280c3ba99c4137cf0652

  • SSDEEP

    768:EDotFM9Bohu4E30IqCHCThyhnJNf+VkbrC3OQITiYUkegOOh9fttp:hNu45CHmyhbSkbG+BiuOORtp

Score
10/10
xwormrattrojan

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:52794

tcp://tannerdontplay-52794.portmap.host:52794:52794
Attributes
  • install_file

    USB.exe

Targets

    • Target

      20428817e336776e739fd2dafec5cd45e2b7c8ffabbbc840ac0fa2ce26b55019.exe

    • Size

      53KB

    • MD5

      bea6f99060a151da90864ae96d3d1a95

    • SHA1

      745cc417a866b7328f4e397b5a1eb879c6a192e4

    • SHA256

      20428817e336776e739fd2dafec5cd45e2b7c8ffabbbc840ac0fa2ce26b55019

    • SHA512

      0ec8e220ff4eae964415c4eb3ec556825332c2b53dbf3fd8e9700ec32ee16436fdedb21d1d45dbe84bea1c884adc1329eada55c401ee280c3ba99c4137cf0652

    • SSDEEP

      768:EDotFM9Bohu4E30IqCHCThyhnJNf+VkbrC3OQITiYUkegOOh9fttp:hNu45CHmyhbSkbG+BiuOORtp

    Score
    10/10
    xwormrattrojan

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

      trojanratxworm

    • Xworm family

      xworm
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks