xworm | ed1019bacf6c2435ed5fd7cd0a51b58170ae25665de79505ab188b673b2a55df | Triage

Submit
Reports

Overview

overview

Static

static

2025-03-03...ar.exe

windows7-x64

2025-03-03...ar.exe

windows10-2004-x64

Sharing

General

Target

2025-03-03_86292f6606d16cc6394419de61e9956e_hiddentear
Size

170KB
Sample

250303-b6gvnsswd1
MD5

86292f6606d16cc6394419de61e9956e
SHA1

52de556ddc1d22c8e88b162956b2bc5709059914
SHA256

ed1019bacf6c2435ed5fd7cd0a51b58170ae25665de79505ab188b673b2a55df
SHA512

7c7f8c155b4dcb58ec5a0ee189d30bd26696cc7771e9deaa2d044fd323278a5f63b70c58e2e72edea9b09cecdc35c2820b91ddd73fba9a78eaba30212255692e
SSDEEP

3072:jWDpZm+7MTji+Y9bZjMDzOlWM+lmsolAIrRuw+mqv9j1MWLQo:jW3MitbmQ+lDAA

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2025-03-03_86292f6606d16cc6394419de61e9956e_hiddentear.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-03-03_86292f6606d16cc6394419de61e9956e_hiddentear.exe

Resource

win10v2004-20250217-en

xworm rat trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

198.23.200.96:5353

Attributes

Install_directory
%AppData%
install_file
krypto.exe

Targets

- Target
  
  2025-03-03_86292f6606d16cc6394419de61e9956e_hiddentear
- Size
  
  170KB
- MD5
  
  86292f6606d16cc6394419de61e9956e
- SHA1
  
  52de556ddc1d22c8e88b162956b2bc5709059914
- SHA256
  
  ed1019bacf6c2435ed5fd7cd0a51b58170ae25665de79505ab188b673b2a55df
- SHA512
  
  7c7f8c155b4dcb58ec5a0ee189d30bd26696cc7771e9deaa2d044fd323278a5f63b70c58e2e72edea9b09cecdc35c2820b91ddd73fba9a78eaba30212255692e
- SSDEEP
  
  3072:jWDpZm+7MTji+Y9bZjMDzOlWM+lmsolAIrRuw+mqv9j1MWLQo:jW3MitbmQ+lDAA
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy