xworm | 2d5050ca25920cb7a52aa4f77f1ed6a2ce4766d240eba793bac4b14af7d0681f | Triage

Submit
Reports

Overview

overview

Static

static

XCliente.exe

windows7-x64

XCliente.exe

windows10-2004-x64

Sharing

General

Target

XCliente.exe
Size

30KB
Sample

250307-wqqg4at1ax
MD5

b332466e7ad8264e2845d31415725f42
SHA1

141d8093915d85fac1501d06a87ba901c39b8107
SHA256

2d5050ca25920cb7a52aa4f77f1ed6a2ce4766d240eba793bac4b14af7d0681f
SHA512

a60b7398ac9d92089994e9125e7259e9cca83bb05070a31a092d89122b76394905c1d07111b94756cf4fc91942296acb989498b1870b65d3fd29897e12d1a57a
SSDEEP

384:ueAwIGmeffcbWICWv/0ILZGPcj0hYACSqR/inw2uRugtFuBLTIOZw/WVnvn9IkVO:+ecbl/b3jMYAoR/iw2uBFE9RYOqhtb3

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XCliente.exe

Resource

win7-20240729-en

xworm rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

XCliente.exe

Resource

win10v2004-20250217-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

3.1

C2

192.168.1.114:1177

Mutex

roEOWd2CTFvG3l1K

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XCliente.exe
- Size
  
  30KB
- MD5
  
  b332466e7ad8264e2845d31415725f42
- SHA1
  
  141d8093915d85fac1501d06a87ba901c39b8107
- SHA256
  
  2d5050ca25920cb7a52aa4f77f1ed6a2ce4766d240eba793bac4b14af7d0681f
- SHA512
  
  a60b7398ac9d92089994e9125e7259e9cca83bb05070a31a092d89122b76394905c1d07111b94756cf4fc91942296acb989498b1870b65d3fd29897e12d1a57a
- SSDEEP
  
  384:ueAwIGmeffcbWICWv/0ILZGPcj0hYACSqR/inw2uRugtFuBLTIOZw/WVnvn9IkVO:+ecbl/b3jMYAoR/iw2uBFE9RYOqhtb3
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy