Extracted

• • Target

    testing47234872384.exe

  • Size

    82KB

  • MD5

    ffb5c76122038941fcba99df5661a253

  • SHA1

    60941bb74a27727b1f08152686d4764c7058021a

  • SHA256

    f451deb7dbf69c76a83426c6bd1116e6a667c61f9b0ce86cce95a1ae3c1b6a5f

  • SHA512

    8cddb02cbd37615384d5bde7b39ceadac96180ac666514420d86bf01a94193e578b4b066ac55a1444fd64f137f8254c06f934780435801976dee4356b6eb9096

  • SSDEEP

    1536:qU7/ggrCrLVmDH2iF414wWkUubGGWHeYuj6n5Ode+5uO:qU7IgqsPF/zPubG3Ode9O

  Score

  10^/10

  xwormrattrojan

  • Detect Xworm Payload

  • Xworm

    Xworm is a remote access trojan written in C#.

    trojanratxworm

  • Xworm family

    xworm

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2