xworm | 7d01f4a1066fbccc3a047a2939bcb1071a98606f77a5e68da35d1cbe2a778b3e

Sharing

Copy URL

Twitter E-mail

General

Target

nurik.rar
Size

174.3MB
Sample

250301-kcxtgaxjs5
MD5

500d4b36e22e979150c17a65091fbfd3
SHA1

3b023e485479a54ed13135b390d3ca0d066fb09b
SHA256

7d01f4a1066fbccc3a047a2939bcb1071a98606f77a5e68da35d1cbe2a778b3e
SHA512

a594d8e395c892967daf9c909ea60a4315bb60f9dd4effd5f36978f88fabb61f951243132cd700f15f50cdc446dbcf371783d478f6a90776d3760719c69e5717
SSDEEP

3145728:0GwlSJVI67/pPenfN+lWH/neF41uvEPKJOUohoqheOgDPq1DVfeub8a5P72:0Gwl0DR2fNPneF41uvgKQNhejPqJNeu8

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

26.ip.gl.ply.gg:31516

Attributes

Install_directory
%AppData%
install_file
XClient.exe

Targets

- Target
  
  Nurik 1.16.5 client/client/libraries/jopt-simple-5.0.3.jar
- Size
  
  76KB
- MD5
  
  0a5ec84e23df9d7cfb4063bc55f2744c
- SHA1
  
  cdd846cfc4e0f7eefafc02c0f5dce32b9303aa2a
- SHA256
  
  6f45c00908265947c39221035250024f2caec9a15c1c8cf553ebeecee289f342
- SHA512
  
  c69c688a723a7f46dc3142156977d00ca82bc25e3f6e32c66851720db9107dccd1b0e17751272ed1a0c874449d122e040f890214b0e60828239c57639579f996
- SSDEEP
  
  1536:FIxHnxkGG2ZiU9PuVLbXANSWJl6r8/UBFrFrQcqNxFFdS4kM/DdjN1/83HMLmvgS:FwHxb1uVLbXATJl5IrFrQvJLkM/JJx6D
Score

1^/10
behavioral1 behavioral2
- Target
  
  Nurik 1.16.5 client/client/libraries/json-20231013.jar
- Size
  
  72KB
- MD5
  
  1a0702c57783ce9e948252c34644f328
- SHA1
  
  e22e0c040fe16f04ffdb85d851d77b07fc05ea52
- SHA256
  
  0f18192df289114e17aa1a0d0a7f8372cc9f5c7e4f7e39adcf8906fe714fa7d3
- SHA512
  
  a5cdd1ed984448d6538746429f2d1a0ec8f64f93af0e84870ce898a9f07a81d11bf27d2ee081471975772efc8a0d3d5e05541197a532066e9edb09ad032d31a3
- SSDEEP
  
  1536:I8H/7uh2MbfZ7bPKkktY1yLvZoW/4LbxzSPWFopXIJeD59Hlz+v:IAusOlutIkZoW/4LFSPWCIJeD59Fz+v
Score

1^/10
behavioral3 behavioral4
- Target
  
  Nurik 1.16.5 client/client/libraries/jsr305-3.0.2.jar
- Size
  
  19KB
- MD5
  
  dd83accb899363c32b07d7a1b2e4ce40
- SHA1
  
  25ea2e8b0c338a877313bd4672d3fe056ea78f0d
- SHA256
  
  766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
- SHA512
  
  bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804
- SSDEEP
  
  384:ryPbH105/su/xBbxi9hjroa9QG3Y2Wzxv9JMrRuuWPyEQoT49Mozkd1qQsFuHSdx:rimrliZro6pQZdGI+K83GK
Score

1^/10
behavioral5 behavioral6
- Target
  
  Nurik 1.16.5 client/client/libraries/jutils-1.0.0.jar
- Size
  
  7KB
- MD5
  
  f60976b19661c849c5c87433045a9885
- SHA1
  
  e12fe1fda814bd348c1579329c86943d2cd3c6a6
- SHA256
  
  c3334ff39cf0ab3b54925619101054c90098b7c733b1e7834c7b75e4c41e84a5
- SHA512
  
  39cdb29204df770b84ecd5d0041d8cf662c25bd16ef1e7d8257704a1ed3355cc3bb554b99d1fa2e8f0b5d99973201d344ab6cef04cacf98cd041f93a66e36bec
- SSDEEP
  
  192:n6Qgg4Ls8/fN7aoa0TqVmG1uM6BWNRXEnHCw:nsg4A8HdtqVP1uMBLUniw
Score

1^/10
behavioral7 behavioral8
- Target
  
  Nurik 1.16.5 client/client/libraries/log4j-api-2.8.1.jar
- Size
  
  223KB
- MD5
  
  a2ad9b058b4b03d43f3cc301701654e4
- SHA1
  
  e801d13612e22cad62a3f4f3fe7fdbe6334a8e72
- SHA256
  
  1205ab764b1326f7d96d99baa4a4e12614599bf3d735790947748ee116511fa2
- SHA512
  
  cc09611833cf3f0ff646c8500905ba4736d43df059887d05399c238e347ff65683d6229da51a6f12eb95bac6862171fa1352816aab9f8de3fdcdd9e663206137
- SSDEEP
  
  6144:V029SkwQJO9JMDLx96623m5bSsn/3a6Ea0:m29SkQUhW3m5bB/+d
Score

1^/10
behavioral10 behavioral9
- Target
  
  Nurik 1.16.5 client/client/libraries/log4j-core-2.8.1.jar
- Size
  
  1.3MB
- MD5
  
  547bb3ed2deb856d0e3bbd77c27b9625
- SHA1
  
  4ac28ff2f1ddf05dae3043a190451e8c46b73c31
- SHA256
  
  815a73e20e90a413662eefe8594414684df3d5723edcd76070e1a5aee864616e
- SHA512
  
  b80d2d0cf01497d09ad5d1ae8624b61185c41c0bea0bb5cbf6f9caa31ab85c9c4055fe5b0f867cb70ff7678d57adb3c61b6c04b8dbcb93d5ec42db403bb97779
- SSDEEP
  
  24576:NkT+yrdSpfX/Uj7uTeghgfl8vRjeLuvSwH91OZEjqK2SPjOMQqBJ+tuwzyvm:itUpfvUf+eghgKJjbvSwH7JOh8tAtuuF
Score

1^/10
behavioral11 behavioral12
- Target
  
  Nurik 1.16.5 client/client/libraries/lwjgl-3.2.2.jar
- Size
  
  314KB
- MD5
  
  b34fb770775fea4f9c33f44484befc09
- SHA1
  
  8ad6294407e15780b43e84929c40e4c5e997972e
- SHA256
  
  600591641bf3e168102cc0bc8ff31e57cd6717fcf882dbf453aa98cb92fb0a9b
- SHA512
  
  3e17a1cd047ef76e02506dd073392773d554f1cf9fdfbac146bc46870d8bde7e503c5c344b276e1f1b6c574ab701fcd92b1d9615eb5a9e8468e3dd927951e5f1
- SSDEEP
  
  6144:IKR02Xoz7JeS/1XA9Wm5qBL6AzBLB5bohHrulseZlyT/2yHRnT3KZvs/Upzg2CJf:j02ykS/hPV60r58VrwsTnHRnT6ZEWzgR
Score

1^/10
behavioral13 behavioral14
- Target
  
  Nurik 1.16.5 client/client/libraries/lwjgl-glfw-3.2.2.jar
- Size
  
  106KB
- MD5
  
  cb63a9c700a3a8167459d7e2ebf1de81
- SHA1
  
  d3ad4df38e400b8afba1de63f84338809399df5b
- SHA256
  
  45b6ec9491f09260f0c8218762c021bffe0e1b96f650891d9c773d50fdc945c9
- SHA512
  
  3687ec5415f0a8041bb26082597752d14c87f38c02dd3af2b86cc2ca2cb29c2fffa654ebebf8d81cd38d007c0be6c5a7b787045a2b696288cea5609ac8992f6e
- SSDEEP
  
  1536:KGaU586DdmopsdeBW4s+nfW2UY/jrAgqzzWyTRpZ8IIgWbpzR5sjm8gVox:KGaQ865/p5BfW2d/9qzzWkzy1NvW
Score

1^/10
behavioral15 behavioral16
- Target
  
  Nurik 1.16.5 client/client/libraries/lwjgl-jemalloc-3.2.2.jar
- Size
  
  34KB
- MD5
  
  39dac8382f567a4cb1be21df274280c1
- SHA1
  
  ee8e57a79300f78294576d87c4a587f8c99402e2
- SHA256
  
  d8a0eacb25b5336b5a673e1431adf123a78cce10f263bb043230e5c59d673e82
- SHA512
  
  fb93e1ceb35d670ec594266a02de1f13be0b838c45577ad804b873f41afb80f04d60ded161d25f8bb3d9e2495f165e6c81352c467f3b38e7c9696debbcb25b3f
- SSDEEP
  
  384:3h0nAb9kVIS3goBA2PHtIL0SkNq9ZIw7iBdsu9T2xtt5bDxghkyBxkASADb2Ver7:3WmzSDA2VINqT2xtJgrBxZSiSmQX14
Score

1^/10
behavioral17 behavioral18
- Target
  
  Nurik 1.16.5 client/client/libraries/lwjgl-openal-3.2.2.jar
- Size
  
  78KB
- MD5
  
  a2a94d10460d28e6ae85cb63df6a5588
- SHA1
  
  2b772a102b0a11ee5f2109a5b136f4dc7c630827
- SHA256
  
  164f73a2be18bb1d158a47205cc33f8156fc4325454c234d0e062b84afd67223
- SHA512
  
  6fedd3e36e530bbb6dec2ee5958d729506cba70851a72b5c4ffd3d663f1702866543499097221880a1e5872e62bedf052c8c74a5c3eeb2d0a5173d75631f2071
- SSDEEP
  
  1536:8/DON3NZuXxFERFXobbIV8tMa+eUsJBHaZl+ybfUaOrzsovNX:8/yVNZQFgXobbIUUsJBHaZR8fXPvNX
Score

1^/10
behavioral19 behavioral20
- Target
  
  Nurik 1.16.5 client/client/libraries/lwjgl-opengl-3.2.2.jar
- Size
  
  907KB
- MD5
  
  256003e7a1e7feba6e3845d024ed3e4a
- SHA1
  
  6ac5bb88b44c43ea195a570aab059f63da004cd8
- SHA256
  
  8ef989f6b6956dcafffc76a57389d46cbcec749c3b87a2a53a51dd28229f185b
- SHA512
  
  b25cb8740af911e5d580abe39ba047e7b176cda0b221523ff2a74d8e62ab53667d6ee0dda5c26c5f080f4dd1ed201f2405d8e650067ec6c6ed61abd0c5f15d8c
- SSDEEP
  
  12288:10+VElhrTS2IDHPKpx068qvZIF4lUTxCSC1a6KynA/zmuVR68HKRk/ETi:2tjefDHfEIilSxCyjyIquVR6HFW
Score

1^/10
behavioral21 behavioral22
- Target
  
  Nurik 1.16.5 client/client/libraries/lwjgl-stb-3.2.2.jar
- Size
  
  102KB
- MD5
  
  c64dc69cc11c18f398c0a6d0a168fac9
- SHA1
  
  3b8e6ebc5851dd3d17e37e5cadce2eff2a429f0f
- SHA256
  
  79800c9c80dcadbbbd2b3b40ae17258f7d3e81bad5bf0832217a87fc0d2587c2
- SHA512
  
  4f3d2154d21f27b6cddeefbb831a5e6016f6652361873efc151a20b654334ba0427e6cdeb9bfa9b9ee7c616ce9fd08eb8e59b61d59c936be602254b12424e104
- SSDEEP
  
  1536:/aDV9iUefGHMGMcKXkl0IICnJwxmFB56A7YcI5ABDSgRHCY+Cwo1GKpUaD61hqs+:IABNcEkaCnfFB/DkgxC7KGbk6Tqt
Score

1^/10
behavioral23 behavioral24
- Target
  
  Nurik 1.16.5 client/client/libraries/lwjgl-tinyfd-3.2.2.jar
- Size
  
  6KB
- MD5
  
  833e274c0da2eaa37658f775bd5a2553
- SHA1
  
  fcbe606c8f8da6f8f9a05e2c540eb1ee8632b0e9
- SHA256
  
  2e084e0faf7390979e7a19fc9605378b24dabc319bdd62a49de9def331c67693
- SHA512
  
  8338c4452a92f58ca415461e09de3ab13831b556f23020162d689fd3e0a5f41cedeaaec52a33cd522b7ea74b6e752d4c16e338cabf49e476a5b01c8bae88b059
- SSDEEP
  
  192:t+MfvIf17mfaVos9wox2UamtAF3qI+fVZBEyfVcfsfo:0D178acUVAkIEVX3o2o
Score

1^/10
behavioral25 behavioral26
- Target
  
  Nurik 1.16.5 client/client/libraries/netty-all-4.1.25.Final.jar
- Size
  
  3.6MB
- MD5
  
  d1912410fe536c1cc35da23c4fb103c8
- SHA1
  
  d0626cd3108294d1d58c05859add27b4ef21f83b
- SHA256
  
  972642d0037706485747d34ce50fd67a15f0ed3d8a781882d683824c9977bc86
- SHA512
  
  96421e50c37822b64e937bfe45b340b7ae0624cba82c88e8e99e33e451a133e4d828eae60927a667fccf861ade1c8a7378b23e31aeb663b13b5f64e9359befcd
- SSDEEP
  
  49152:tBU/kToJXMubE0li6bAnoUDzgRz93tQ3chBCmpO0FvlksN7EX7CZIv+uJIaa84I+:aAe06vUIn3tGz0FaQ7EmZoxU
Score

1^/10
behavioral27 behavioral28
- Target
  
  Nurik 1.16.5 client/client/libraries/oshi-core-1.1.jar
- Size
  
  30KB
- MD5
  
  4f992d3ac0aa70a8647460494c95e261
- SHA1
  
  9ddf7b048a8d701be231c0f4f95fd986198fd2d8
- SHA256
  
  27901e5d4d60d3502571d5e6358fc89e3fcf874138b69d495d139bcc3e169404
- SHA512
  
  5b7af823687116dfdd92584a215cb661dcace19bfe4f2f3930a809407a0a9327538eb16d3b1d7b616c73e6cb927a5100e6d871781dc2035b8bd02ba75e2c167d
- SSDEEP
  
  384:vbo59GGiuJBMgy/w67kfGtr9blL1kq93Xur9cIkiRmIduCN9nRCc8ol1ciQPfOO2:+Mgb67L/lL1kOHur9csRmItF1ciiqzyE
Score

1^/10
behavioral29 behavioral30
- Target
  
  Nurik 1.16.5 client/client/libraries/patchy-1.0.0.jar
- Size
  
  1KB
- MD5
  
  926c1923a65e684143354b0f27b53b42
- SHA1
  
  f8584b6b1c2d9e6f69f6e3efdb2ee46774683660
- SHA256
  
  3a9e98a1680ba815f17ed4e4bc01cac764e3fbf5ea804c36be2941f79cf0536f
- SHA512
  
  e92a1fbef2c23f245e0b305064ebe528728f055d473382226ac14280e3d6f93598555845395c48a922a8a2b4d20882986468c9db4f5c5e21270d6b3a103f831e
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32