xworm | 0d39e78dc7cecf5b5ed6fb2c4ddf99eeef42dc273f79fe7e1d2d2006cbfb89a5 | Triage

Submit
Reports

Overview

overview

Static

static

lavandaboostraper.exe

windows7-x64

lavandaboostraper.exe

windows10-2004-x64

Sharing

General

Target

lavandaboostraper.exe
Size

32KB
Sample

250305-lftfwsvwgt
MD5

f3514c1b0c98ddfd64e0bfe5a6c5d846
SHA1

67fc9cb0602ae37cdc702a7a05464ceb53619111
SHA256

0d39e78dc7cecf5b5ed6fb2c4ddf99eeef42dc273f79fe7e1d2d2006cbfb89a5
SHA512

a9bd304c77b28d34564bc99255b5097e7beae0d565ca2cc5bd66673d08a1c9267052448deea67f44ad44b102325cd6372da7ffe979980b59573ed7c934dfd2df
SSDEEP

768:RVa+vNtg+PB+3Tw49FzVFE9jROjhO7b4:ZvNtgw+3U49HFE9jROjs7k

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

lavandaboostraper.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

lavandaboostraper.exe

Resource

win10v2004-20250217-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:7000

Mutex

so6yvToFNFYYSten

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  lavandaboostraper.exe
- Size
  
  32KB
- MD5
  
  f3514c1b0c98ddfd64e0bfe5a6c5d846
- SHA1
  
  67fc9cb0602ae37cdc702a7a05464ceb53619111
- SHA256
  
  0d39e78dc7cecf5b5ed6fb2c4ddf99eeef42dc273f79fe7e1d2d2006cbfb89a5
- SHA512
  
  a9bd304c77b28d34564bc99255b5097e7beae0d565ca2cc5bd66673d08a1c9267052448deea67f44ad44b102325cd6372da7ffe979980b59573ed7c934dfd2df
- SSDEEP
  
  768:RVa+vNtg+PB+3Tw49FzVFE9jROjhO7b4:ZvNtgw+3U49HFE9jROjs7k
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy