stormkitty | 7c431981e1962c71f936fc53951982071462f853f53c92dc3d4103ee5e3efe70 | Triage

Submit
Reports

Overview

overview

Static

static

XWork 5.7z

windows11-21h2-x64

Sharing

General

Target

XWork 5.7z
Size

18.5MB
Sample

250301-nebwkayzfw
MD5

ea35b74bbe3cf8de1ddbd5ab10ada9b1
SHA1

6f20dd8865e84581ddfa7d4666bffeb812f2deed
SHA256

7c431981e1962c71f936fc53951982071462f853f53c92dc3d4103ee5e3efe70
SHA512

d9296919eec861a1e8ea72b5d590e8d6092a188208bda0f17ebb52744fbb702391022d25a51bbea041eb4db9f9d8c48ac3a0a2b14c4a5ed792c2914a7b657504
SSDEEP

393216:ACEYC65G+SwHO1JoCzXq5i+dDmpu06beWxEkNgwTZDZerBjkDGp5:6YC65G1wHezB+Ypt6beWES6rBjkDGp5

Score

10^/10

stormkitty xworm rat trojan

Static task

static1

stormkitty xworm

6 signatures

Behavioral task

behavioral1

Sample

XWork 5.7z

Resource

win11-20250217-en

xworm rat trojan

windows11-21h2-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:7000

Mutex

gDbMYNCU59emqrT8

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XWork 5.7z
- Size
  
  18.5MB
- MD5
  
  ea35b74bbe3cf8de1ddbd5ab10ada9b1
- SHA1
  
  6f20dd8865e84581ddfa7d4666bffeb812f2deed
- SHA256
  
  7c431981e1962c71f936fc53951982071462f853f53c92dc3d4103ee5e3efe70
- SHA512
  
  d9296919eec861a1e8ea72b5d590e8d6092a188208bda0f17ebb52744fbb702391022d25a51bbea041eb4db9f9d8c48ac3a0a2b14c4a5ed792c2914a7b657504
- SSDEEP
  
  393216:ACEYC65G+SwHO1JoCzXq5i+dDmpu06beWxEkNgwTZDZerBjkDGp5:6YC65G1wHezB+Ypt6beWES6rBjkDGp5
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Executes dropped EXE
- Uses the VBS compiler for execution
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stormkittyxworm

behavioral1

© 2018-2025

Terms | Privacy