xworm | 91a798d403e38654845f22425446b744537d590a30a4b6cc8cb7a644532ca3f6 | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

36KB
Sample

250123-1g2afstrhv
MD5

9ed4756a3e33c28cfca97ed7c737ed8c
SHA1

f867527016a43f52790af243b821d28b747b182f
SHA256

91a798d403e38654845f22425446b744537d590a30a4b6cc8cb7a644532ca3f6
SHA512

a612b1b65d75c1c2db2d2a0751dbc932631e65c2622ff3108c4d7ac5bb3324380d563cf2515b3f3cfc734f02603026bc34169b2522e977be0d0627493a076b7d
SSDEEP

768:vL13A5Uno9RfHWa2BoXeo8icH1bxbFb9EWOMh8QXvQ:jxA5Uno9JHWXOeNicH1bBFb9EWOMe6Q

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20241007-en

xworm rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

87.120.116.179:1300

Mutex

D9SUsC7nLI4t2dR8

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  file.exe
- Size
  
  36KB
- MD5
  
  9ed4756a3e33c28cfca97ed7c737ed8c
- SHA1
  
  f867527016a43f52790af243b821d28b747b182f
- SHA256
  
  91a798d403e38654845f22425446b744537d590a30a4b6cc8cb7a644532ca3f6
- SHA512
  
  a612b1b65d75c1c2db2d2a0751dbc932631e65c2622ff3108c4d7ac5bb3324380d563cf2515b3f3cfc734f02603026bc34169b2522e977be0d0627493a076b7d
- SSDEEP
  
  768:vL13A5Uno9RfHWa2BoXeo8icH1bxbFb9EWOMh8QXvQ:jxA5Uno9JHWXOeNicH1bBFb9EWOMe6Q
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy