xworm | a67721023e1aea8b73d8614e6e29e5108152f510619516da1648dc03cb7de122 | Triage

Submit
Reports

Overview

overview

Static

static

$R7DQTGG.exe

windows10-2004-x64

Sharing

General

Target

$R7DQTGG.exe
Size

197KB
Sample

250306-c8yrmswrt2
MD5

23ae846b601cdfbc78da67bf61e265fa
SHA1

8104966ae762225d23df128b2cf8bde8145bbf01
SHA256

a67721023e1aea8b73d8614e6e29e5108152f510619516da1648dc03cb7de122
SHA512

7e002c88090b5468ceb186e68c5ae34ab8ab22782bbd33387d1c665dcc8770e25ae2fe7243fbd94dc5d2c277650a5d90961bef6ded616e9c6629a659494d1c36
SSDEEP

3072:CLq2PnaybVqQQK/Ec/OaW3JRUGKXs+S++7KFSbxeY+qDDrMI:eq2bpg8GqStKEbxI

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

$R7DQTGG.exe

Resource

win10v2004-20250217-en

xworm rat trojan

windows10-2004-x64

9 signatures

60 seconds

Malware Config

Extracted

Family

xworm

Attributes

Install_directory
%AppData%
install_file
x69Microsoft Edge.exe
pastebin_url
https://pastebin.com/raw/zYgpCQBC
telegram
https://api.telegram.org/bot7322335748:AAEr-qkbNoi4AH-VkGzWTsoAJ0Jx3HkKwbk/sendMessage?chat_id=7763830849

Targets

- Target
  
  $R7DQTGG.exe
- Size
  
  197KB
- MD5
  
  23ae846b601cdfbc78da67bf61e265fa
- SHA1
  
  8104966ae762225d23df128b2cf8bde8145bbf01
- SHA256
  
  a67721023e1aea8b73d8614e6e29e5108152f510619516da1648dc03cb7de122
- SHA512
  
  7e002c88090b5468ceb186e68c5ae34ab8ab22782bbd33387d1c665dcc8770e25ae2fe7243fbd94dc5d2c277650a5d90961bef6ded616e9c6629a659494d1c36
- SSDEEP
  
  3072:CLq2PnaybVqQQK/Ec/OaW3JRUGKXs+S++7KFSbxeY+qDDrMI:eq2bpg8GqStKEbxI
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy