Overview

overview

10

Static

static

1

download.txt

windows7-x64

10

download.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    download.txt

  • Size

    274KB

  • Sample

    250304-ttyxjavsgw

  • MD5

    f56de06a0223dccfa4f5091d189e6055

  • SHA1

    41ffd54a745be7df1e26bd1eff1cbc5d1d028b5a

  • SHA256

    0a8d2126b0c87236de91167ebec0a0fb13bd12dc4032af3cae18053b76512e10

  • SHA512

    f98d10642acb8e0698d88413bb7782c18c0b4f9185c50202d5412ebff8fc1a6a9309f4e2db8afc5bcae08a28d6ef19c17d1c95cca91c91b941fe4c41c77c0c14

  • SSDEEP

    6144:NJo3U357Z0NJYSUPVL89vHaJo3U357Z0NJYSUPVL89vHi:ro3U3573o3U357D

Score
10/10
xwormdiscoveryrattrojan

Malware Config

Targets

    • Target

      download.txt

    • Size

      274KB

    • MD5

      f56de06a0223dccfa4f5091d189e6055

    • SHA1

      41ffd54a745be7df1e26bd1eff1cbc5d1d028b5a

    • SHA256

      0a8d2126b0c87236de91167ebec0a0fb13bd12dc4032af3cae18053b76512e10

    • SHA512

      f98d10642acb8e0698d88413bb7782c18c0b4f9185c50202d5412ebff8fc1a6a9309f4e2db8afc5bcae08a28d6ef19c17d1c95cca91c91b941fe4c41c77c0c14

    • SSDEEP

      6144:NJo3U357Z0NJYSUPVL89vHaJo3U357Z0NJYSUPVL89vHi:ro3U3573o3U357D

    Score
    10/10
    xwormdiscoveryrattrojan

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

      trojanratxworm

    • Xworm family

      xworm
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks