General

  • Target

    rat.exe

  • Size

    58KB

  • Sample

    250126-ewt9ss1qht

  • MD5

    6c11c2d8d820ec31234facdfefe3a68b

  • SHA1

    f1df0f86c9ff8724229ad285c36d7e68281a6e99

  • SHA256

    5aa8c33941fb6fa703a24071c9edf9b8e988e5ae1b6621e29546cd238bda3775

  • SHA512

    58d39a41a678d9024101a2b09375f510f5c312605673320564b46ed014a743abeba92095a78e80ad5c4ae4e7fc000a56e103e1db524dbdb3c3a3275435ab2f6e

  • SSDEEP

    1536:ghxJkDcumJYw2kgLzEyc7nz+byYhqapL4V7O2TWWc:ggw2dSz+byubUxO2T7c

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:7000

Attributes
  • install_file

    USB.exe

Targets

    • Target

      rat.exe

    Score
    10/10
    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

    • Xworm family
