xworm | ea2ab2ecedf5c203a42e9b29566ada7f70959f41e23e2346fc38322c2cfe43fa | Triage

Submit
Reports

Overview

overview

Static

static

3

Algorithm_...ou.exe

windows11-21h2-x64

Sharing

General

Target

Algorithm_Converter_Arab-you.exe
Size

497KB
Sample

250307-lnvzpayps4
MD5

7e01e34e779c50de84cc3e4321d68b6f
SHA1

31ec2e0168867753e0c649dbaeb92aaafb22f6d3
SHA256

ea2ab2ecedf5c203a42e9b29566ada7f70959f41e23e2346fc38322c2cfe43fa
SHA512

af9f51af435f41b9578c72f163d43abb3edd5bfb27fd7b0e4f83799f0df62bf5a9d8e813bf2aab2fc85414ac3f2997400ac5d833d6c77803c568ba954b6c6414
SSDEEP

12288:fGMnkN1TDTvX7ym4vw+8ixjvVem7kC+8:XG1TDTvLVkrMm

Score

10^/10

xworm rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Algorithm_Converter_Arab-you.exe

Resource

win11-20250217-en

xworm rat trojan

windows11-21h2-x64

8 signatures

900 seconds

Malware Config

Extracted

Family

xworm

Version

3.0

C2

3skr.uncofig.com:9999

Mutex

f5nPSEGIk3s9ZJvj

Attributes

Install_directory
%AppData%
install_file
USB.exe
telegram
https://api.telegram.org/bot7942324376:AAFz5Z-GdKIj1CePZyqIUmvNWOymMRw8Lmk/sendMessage?chat_id=2078478344

aes.plain

Targets

- Target
  
  Algorithm_Converter_Arab-you.exe
- Size
  
  497KB
- MD5
  
  7e01e34e779c50de84cc3e4321d68b6f
- SHA1
  
  31ec2e0168867753e0c649dbaeb92aaafb22f6d3
- SHA256
  
  ea2ab2ecedf5c203a42e9b29566ada7f70959f41e23e2346fc38322c2cfe43fa
- SHA512
  
  af9f51af435f41b9578c72f163d43abb3edd5bfb27fd7b0e4f83799f0df62bf5a9d8e813bf2aab2fc85414ac3f2997400ac5d833d6c77803c568ba954b6c6414
- SSDEEP
  
  12288:fGMnkN1TDTvX7ym4vw+8ixjvVem7kC+8:XG1TDTvLVkrMm
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy