General

  • Target

    5190036ca62c036c6d773d65518a770630063e9c3b363239cb6ec9bbb3af09ac.exe

  • Size

    30KB

  • Sample

    241122-pka2wswpck

  • MD5

    7adac8dcb8de748fcfa6b423d1c73b3d

  • SHA1

    17822c8195fb2faddbc3bf7268623d8dd4881c08

  • SHA256

    5190036ca62c036c6d773d65518a770630063e9c3b363239cb6ec9bbb3af09ac

  • SHA512

    ecba4616679f5d5f71e38a6b5d9bcf6f54130245af88e12753d44d09170b695296f7c6aeba3a84304c30c83d1c326a11e7ef4e275f53201854adea7613b6ea84

  • SSDEEP

    384:f7wTA+5OfhxeelKn4MPLZhspJgXlYECwaipXQs5RugtFuBLTIOZw/WVwvn9IkVu2:3Fx7s4EQK1YETDpAs5BFR9RXOqhdbPt

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.0

Mutex

3yTrMWQo0uAgbLo1

Attributes
  • install_file

    USB.exe

aes.plain

Targets

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

    • Xworm family
