stormkitty | efce2b6f58b48c5d7d9754608b66389dd025d196fc83197ee8f55edc5c4b570b | Triage

Submit
Reports

Overview

overview

Static

static

XWormLoader.exe

windows10-2004-x64

Xworm V5.6.exe

windows10-2004-x64

1

Resubmissions

15-01-2025 11:01

250115-m4m5fssnel 10

15-01-2025 10:59

250115-m3twls1kgw 10

Sharing

General

Target

Xworm-V5.6.zip
Size

24.8MB
Sample

250115-m4m5fssnel
MD5

549457d8a6e73ff9bba0b6f49435b1cd
SHA1

9fdad4ffc6abf282cfecbe7b4b63819fc8963493
SHA256

efce2b6f58b48c5d7d9754608b66389dd025d196fc83197ee8f55edc5c4b570b
SHA512

ce38b05ae6461138428c6cce2372a1d5f49013e0aa225d03164fe8ff84f9812a9679c2530afa661da7e0d94c5f5e4d84c7cbb9f0ab2c54d139b4597310b306f5
SSDEEP

393216:fksvZYOvKlvvvSbSQ1VGleRfDPW927iEPb+3TaCcZC0iRHbKo:VZTkvaKle892eR3TEZS9D

Score

10^/10

stormkitty xworm rat trojan

Static task

static1

stormkitty xworm

6 signatures

Behavioral task

behavioral1

Sample

XWormLoader.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

8 signatures

900 seconds

Behavioral task

behavioral2

Sample

Xworm V5.6.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

900 seconds

Malware Config

Extracted

Family

xworm

C2

ways-pubmed.gl.at.ply.gg:58965

Attributes

Install_directory
%AppData%
install_file
XClient.exe

Targets

- Target
  
  XWormLoader.exe
- Size
  
  62KB
- MD5
  
  f12257a215c6546afe0dd7a350186de0
- SHA1
  
  15db08fe43afdd313b30ac7de033fc2509e4cf01
- SHA256
  
  72861bba392267caba0c88e11cf5a214f42ecc83b3d1672d57a017351141fa09
- SHA512
  
  ea70ba774fdae41725f1983dfe712f4c7b92047969376ab85f06d38f342d62b4d42bb4dec6dec0df658bcae426cbc8d1a7214f45d4c595e65e52a334b43d3637
- SSDEEP
  
  1536:luHMEoH3Lp5XrxibzLCm+breBkmpRMMSigaOO9igk:lYegzLCm+brEpKMSilOyHk
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Drops startup file
behavioral1
- Target
  
  Xworm V5.6.exe
- Size
  
  14.9MB
- MD5
  
  56ccb739926a725e78a7acf9af52c4bb
- SHA1
  
  5b01b90137871c3c8f0d04f510c4d56b23932cbc
- SHA256
  
  90f58865f265722ab007abb25074b3fc4916e927402552c6be17ef9afac96405
- SHA512
  
  2fee662bc4a1a36ce7328b23f991fa4a383b628839e403d6eb6a9533084b17699a6c939509867a86e803aafef2f9def98fa9305b576dad754aa7f599920c19a1
- SSDEEP
  
  196608:P4/BAe1d4ihvy85JhhYc3BSL1kehn4inje:PuyIhhkRka4i
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stormkittyxworm

behavioral1

behavioral2

© 2018-2025

Terms | Privacy