xworm | bc9c3b5ab2fee57ec7a40f5cb8acdf9b119433b1cbeebfbf237a632a59a0be08 | Triage

Submit
Reports

Overview

overview

Static

static

2024-11-19...ar.exe

windows7-x64

2024-11-19...ar.exe

windows10-2004-x64

Sharing

General

Target

2024-11-19_80c6ecb0c6917d279942a3afb12da18c_hiddentear
Size

167KB
Sample

241119-s61q8axnet
MD5

80c6ecb0c6917d279942a3afb12da18c
SHA1

235a3a0d66d249ff9fcabe64e1c666a84c304592
SHA256

bc9c3b5ab2fee57ec7a40f5cb8acdf9b119433b1cbeebfbf237a632a59a0be08
SHA512

cdf930be6a3ad432caef98e9b3e5e3ea8625bcf39592527cc8642bdc1a7f0f1640133afed238843ce5f8bb8dafc384885efa4e7b43220e68a539f791e188be59
SSDEEP

3072:gME9Qkh/HMbE7R14gozOjVZ3M+lmsolAIrRuw+mqv9j1MWLQ+:+QkkbwXU+lDAA

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-11-19_80c6ecb0c6917d279942a3afb12da18c_hiddentear.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-11-19_80c6ecb0c6917d279942a3afb12da18c_hiddentear.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:7000

Attributes

install_file
USB.exe

Targets

- Target
  
  2024-11-19_80c6ecb0c6917d279942a3afb12da18c_hiddentear
- Size
  
  167KB
- MD5
  
  80c6ecb0c6917d279942a3afb12da18c
- SHA1
  
  235a3a0d66d249ff9fcabe64e1c666a84c304592
- SHA256
  
  bc9c3b5ab2fee57ec7a40f5cb8acdf9b119433b1cbeebfbf237a632a59a0be08
- SHA512
  
  cdf930be6a3ad432caef98e9b3e5e3ea8625bcf39592527cc8642bdc1a7f0f1640133afed238843ce5f8bb8dafc384885efa4e7b43220e68a539f791e188be59
- SSDEEP
  
  3072:gME9Qkh/HMbE7R14gozOjVZ3M+lmsolAIrRuw+mqv9j1MWLQ+:+QkkbwXU+lDAA
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy