xworm | 04c75c092c9f64493318740487b08858644373a3b9f4c549f9cd2b25ea60d548 | Triage

Submit
Reports

Overview

overview

Static

static

2025-03-04...ar.exe

windows7-x64

2025-03-04...ar.exe

windows10-2004-x64

Sharing

General

Target

2025-03-04_6803215592fd9cd6ffb299385dc44b8e_hiddentear
Size

151KB
Sample

250304-2cyjfatjs4
MD5

6803215592fd9cd6ffb299385dc44b8e
SHA1

9bdb0356393386162063ea6f9cd5f72b51119264
SHA256

04c75c092c9f64493318740487b08858644373a3b9f4c549f9cd2b25ea60d548
SHA512

c46ec6fea4781072d80c383757da4475c2a983c411c61bfb784b64c294bfafaa343b8176b22697666c3c1fa7d4c01a074cf163c9c4f30b3ff0b8e03c435e9b2b
SSDEEP

3072:exNg5f/SLXkbvhPOpCM+lmsolAIrRuw+mqv9j1MWLQA:eQyUbK+lDAA

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2025-03-04_6803215592fd9cd6ffb299385dc44b8e_hiddentear.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-03-04_6803215592fd9cd6ffb299385dc44b8e_hiddentear.exe

Resource

win10v2004-20250217-en

xworm rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

135.148.125.190:46613

Attributes

Install_directory
%Temp%
install_file
XClient.exe

Targets

- Target
  
  2025-03-04_6803215592fd9cd6ffb299385dc44b8e_hiddentear
- Size
  
  151KB
- MD5
  
  6803215592fd9cd6ffb299385dc44b8e
- SHA1
  
  9bdb0356393386162063ea6f9cd5f72b51119264
- SHA256
  
  04c75c092c9f64493318740487b08858644373a3b9f4c549f9cd2b25ea60d548
- SHA512
  
  c46ec6fea4781072d80c383757da4475c2a983c411c61bfb784b64c294bfafaa343b8176b22697666c3c1fa7d4c01a074cf163c9c4f30b3ff0b8e03c435e9b2b
- SSDEEP
  
  3072:exNg5f/SLXkbvhPOpCM+lmsolAIrRuw+mqv9j1MWLQA:eQyUbK+lDAA
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy