xworm | 605c696ea30503c201de62ef70ed12e6eee4414f43ff3e6867f23725e352d85b | Triage

Submit
Reports

Overview

overview

Static

static

Xworm fps.exe

windows7-x64

Xworm fps.exe

windows10-2004-x64

Sharing

General

Target

Xworm fps.exe
Size

32KB
Sample

241202-3lvdtaymcs
MD5

610642f564b2c87b6a3c0e7ccee61fcc
SHA1

e117a61d181827c3eb34dc5fefbecf5361b6feba
SHA256

605c696ea30503c201de62ef70ed12e6eee4414f43ff3e6867f23725e352d85b
SHA512

0e1da532eab074df7f931446ce6fcde0306f0b5ac3af56b55f57f4b5c8618409f1796a6ea8ee24cf6b331ed2f88a20dfa90dff76bbe73b31f41bcb45012f9d33
SSDEEP

768:GRPD9OQhx/BQQ3Tw49FzVFE9jfOjhibC:Gd9OW/f3U49HFE9jfOjMu

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Xworm fps.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Xworm fps.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

traffic-appointed.gl.at.ply.gg:7777

Mutex

jrPYsKraQ4vhPDji

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  Xworm fps.exe
- Size
  
  32KB
- MD5
  
  610642f564b2c87b6a3c0e7ccee61fcc
- SHA1
  
  e117a61d181827c3eb34dc5fefbecf5361b6feba
- SHA256
  
  605c696ea30503c201de62ef70ed12e6eee4414f43ff3e6867f23725e352d85b
- SHA512
  
  0e1da532eab074df7f931446ce6fcde0306f0b5ac3af56b55f57f4b5c8618409f1796a6ea8ee24cf6b331ed2f88a20dfa90dff76bbe73b31f41bcb45012f9d33
- SSDEEP
  
  768:GRPD9OQhx/BQQ3Tw49FzVFE9jfOjhibC:Gd9OW/f3U49HFE9jfOjMu
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy