xworm | 375291a84e0532bc0cdb00b48f33ab1044cb3af83e23e1bbb5dcb3bde5f76ab0 | Triage

Submit
Reports

Overview

overview

Static

static

XClient.exe

windows10-2004-x64

Sharing

General

Target

XClient.exe
Size

30KB
Sample

250307-wcyxbavlx7
MD5

67f1956e7b4cc0c51cb1d25dbfd83e56
SHA1

639240a4e0361012f1fa892bbd81fdfef59a02cd
SHA256

375291a84e0532bc0cdb00b48f33ab1044cb3af83e23e1bbb5dcb3bde5f76ab0
SHA512

1f64c88f51bbc95fefcc524656f1d3ab4df42754a8160a14fae3ed81a78511952dabc8cb4a7a4c403405a591b3186886df8203ea2dd3d12749458517e504d400
SSDEEP

384:I7wTA+5OfPgEBQqWvfcQLZe3s80hYACSqR/inw2uRugtFuBLTIOZw/WVnvn9IkVj:6rgECfLH8MYAoR/iw2uBFE9RAOqhibB

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XClient.exe

Resource

win10v2004-20250217-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.1

C2

mikeykiller.ddns.net:1177

Mutex

R93qDdAxW1rwFEDX

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XClient.exe
- Size
  
  30KB
- MD5
  
  67f1956e7b4cc0c51cb1d25dbfd83e56
- SHA1
  
  639240a4e0361012f1fa892bbd81fdfef59a02cd
- SHA256
  
  375291a84e0532bc0cdb00b48f33ab1044cb3af83e23e1bbb5dcb3bde5f76ab0
- SHA512
  
  1f64c88f51bbc95fefcc524656f1d3ab4df42754a8160a14fae3ed81a78511952dabc8cb4a7a4c403405a591b3186886df8203ea2dd3d12749458517e504d400
- SSDEEP
  
  384:I7wTA+5OfPgEBQqWvfcQLZe3s80hYACSqR/inw2uRugtFuBLTIOZw/WVnvn9IkVj:6rgECfLH8MYAoR/iw2uBFE9RAOqhibB
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy