Overview

overview

10

Static

static

10

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    39KB

  • Sample

    241122-nrxnsszmas

  • MD5

    feeffe6b4ec91b7313a0f0c3a2bc9850

  • SHA1

    420d2d6af474adfa2914c976dfa2b98f298276a0

  • SHA256

    4acc559876c3fad0f837761f3eaad7fcaa080e06f0d9d50f185e0d8e575fc238

  • SHA512

    44b66e4e2f345cbdbc963e57d334c45cef86c3875f35462e6eaa58612c5d3cc1e2879b3ce28e77bf91b3e287f30659f47d87e0418d7320cb6f2e7b6a7a2ec22c

  • SSDEEP

    384:IOJUBMcFRlOttRngu7/GQftLDC08+1uC2DGyg4/ZaVQkpkFMA0iLTuOZwp0U2v9S:dKM46+Qfx+t+VQGygBeF79WuO+htF76

Score
10/10
xwormrattrojan

Malware Config

Extracted

Family

xworm

Version

5.0

C2

87.120.113.179:7000

Mutex

cga3LG3MEu39iwYg

Attributes
  • install_file

    USB.exe

aes.plain

Targets

    • Target

      file

    • Size

      39KB

    • MD5

      feeffe6b4ec91b7313a0f0c3a2bc9850

    • SHA1

      420d2d6af474adfa2914c976dfa2b98f298276a0

    • SHA256

      4acc559876c3fad0f837761f3eaad7fcaa080e06f0d9d50f185e0d8e575fc238

    • SHA512

      44b66e4e2f345cbdbc963e57d334c45cef86c3875f35462e6eaa58612c5d3cc1e2879b3ce28e77bf91b3e287f30659f47d87e0418d7320cb6f2e7b6a7a2ec22c

    • SSDEEP

      384:IOJUBMcFRlOttRngu7/GQftLDC08+1uC2DGyg4/ZaVQkpkFMA0iLTuOZwp0U2v9S:dKM46+Qfx+t+VQGygBeF79WuO+htF76

    Score
    10/10
    xwormrattrojan

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

      trojanratxworm

    • Xworm family

      xworm
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks