xworm | ea51932b361cef7f72f9215bfe0643893034d012e8a7175a052c670766375891 | Triage

Submit
Reports

Overview

overview

Static

static

.exe

windows7-x64

.exe

windows10-2004-x64

Sharing

General

Target

.exe
Size

40KB
Sample

250118-vtaelszndq
MD5

2d83ffb1a05be44cad752f38417c9dd2
SHA1

f00654018773b78eaa63945963fa458b6770b923
SHA256

ea51932b361cef7f72f9215bfe0643893034d012e8a7175a052c670766375891
SHA512

c76aac50b3d9ddb80e558269c6045ce1e25646cd934d4a9aece6079fac486f5cb57ddf02458f4163287ba9d9f0ce1bcbf4173a98276a771855e676e56d5849ca
SSDEEP

768:TERUFPu4riNqCwWzkSRs0RpPw9XsQhLO4uekM:Ta40NdPwp1ObekM

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

.exe

Resource

win7-20240729-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

employment-audience.gl.at.ply.gg:18358:1111

Mutex

zazrSXbaPKZmoJfB

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  .exe
- Size
  
  40KB
- MD5
  
  2d83ffb1a05be44cad752f38417c9dd2
- SHA1
  
  f00654018773b78eaa63945963fa458b6770b923
- SHA256
  
  ea51932b361cef7f72f9215bfe0643893034d012e8a7175a052c670766375891
- SHA512
  
  c76aac50b3d9ddb80e558269c6045ce1e25646cd934d4a9aece6079fac486f5cb57ddf02458f4163287ba9d9f0ce1bcbf4173a98276a771855e676e56d5849ca
- SSDEEP
  
  768:TERUFPu4riNqCwWzkSRs0RpPw9XsQhLO4uekM:Ta40NdPwp1ObekM
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy