xworm | c6e052c84a0ed1ad7f463704a5fafffcc845e5744a40eadb84867af10217501d | Triage

Submit
Reports

Overview

overview

Static

static

3

fg.exe

windows7-x64

fg.exe

windows10-2004-x64

Sharing

General

Target

fg.exe
Size

321KB
Sample

250307-fbjg8svns3
MD5

724cc4de405ed3db8a91c383cfc89f84
SHA1

45ca40cf798b7b2ea7216dba582d09dc83cd1bf5
SHA256

c6e052c84a0ed1ad7f463704a5fafffcc845e5744a40eadb84867af10217501d
SHA512

2d3a4b342de5760091e6d6b77d5cdc8abad81ea9dea44bbeb37626f399c11d1405fd6eb8e2156330a684e2a3d28f6dd4ff93660816515896dc82f7a1f7d0d338
SSDEEP

6144:PzU2+BjwsX7+LtOKcvGj94+Y2MlP2yOjxK70NTDx9agjjkRE2aMoiFSV:PzU2+FwsX7+LtOKcvGj94+Y2MlP2yOj7

Score

10^/10

xworm discovery rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fg.exe

Resource

win7-20240903-en

xworm discovery rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

fg.exe

Resource

win10v2004-20250217-en

xworm discovery rat trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

185.7.214.108:4411

185.7.214.54:4411

aes.plain

Targets

- Target
  
  fg.exe
- Size
  
  321KB
- MD5
  
  724cc4de405ed3db8a91c383cfc89f84
- SHA1
  
  45ca40cf798b7b2ea7216dba582d09dc83cd1bf5
- SHA256
  
  c6e052c84a0ed1ad7f463704a5fafffcc845e5744a40eadb84867af10217501d
- SHA512
  
  2d3a4b342de5760091e6d6b77d5cdc8abad81ea9dea44bbeb37626f399c11d1405fd6eb8e2156330a684e2a3d28f6dd4ff93660816515896dc82f7a1f7d0d338
- SSDEEP
  
  6144:PzU2+BjwsX7+LtOKcvGj94+Y2MlP2yOjxK70NTDx9agjjkRE2aMoiFSV:PzU2+FwsX7+LtOKcvGj94+Y2MlP2yOj7
Score

10^/10

xworm discovery rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xwormdiscoveryrattrojan

behavioral2

xwormdiscoveryrattrojan

© 2018-2025

Terms | Privacy