xworm | 1209c3df30d7d53edad5c43e122e5c14e350e9d229cdf1e263fd16ef22f485f0 | Triage

Submit
Reports

Overview

overview

Static

static

test2.exe

windows7-x64

test2.exe

windows10-2004-x64

Sharing

General

Target

test2.exe
Size

296KB
Sample

241119-sn1cqssmfn
MD5

396ef18c45676b0074e41dc2212e06d3
SHA1

fe07d7d57a66b71611086771260163432a9e7b55
SHA256

1209c3df30d7d53edad5c43e122e5c14e350e9d229cdf1e263fd16ef22f485f0
SHA512

3c46d42d0f054ebda330cda1a37aeaf833c697c78f476fa1db80f888608582e7fddeed8daab0e0f373ad6446131e2323f335d787b5a7b58032adcd3333bebb29
SSDEEP

3072:TvNYzFFE9jZOjmAZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ+ZZZZZZZZZZZZZP:z8E9Z+GIIIIIIIhIIIIIIIIIIIIIIIU

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

test2.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

test2.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

158.247.200.45:7033

Mutex

1kxWUkLkK2xrr7Fy

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  test2.exe
- Size
  
  296KB
- MD5
  
  396ef18c45676b0074e41dc2212e06d3
- SHA1
  
  fe07d7d57a66b71611086771260163432a9e7b55
- SHA256
  
  1209c3df30d7d53edad5c43e122e5c14e350e9d229cdf1e263fd16ef22f485f0
- SHA512
  
  3c46d42d0f054ebda330cda1a37aeaf833c697c78f476fa1db80f888608582e7fddeed8daab0e0f373ad6446131e2323f335d787b5a7b58032adcd3333bebb29
- SSDEEP
  
  3072:TvNYzFFE9jZOjmAZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ+ZZZZZZZZZZZZZP:z8E9Z+GIIIIIIIhIIIIIIIIIIIIIIIU
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy