Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

q2e132qweertgd.exe

windows7-x64

10

q2e132qweertgd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    q2e132qweertgd.exe

  • Size

    54KB

  • Sample

    250309-mefn3szwfv

  • MD5

    ce936711c2d764e67a57275d6d7b309c

  • SHA1

    df21d4952edb1d1e14153080fbe23a367e07660e

  • SHA256

    b6b4f3d76be11cba85b433e54f37181dc669422de50b3f9db049196d96e241c2

  • SHA512

    0f8c4e69b175df6cc9783d77741d0ceb5d578d8e738bebebcb9cad283ac933a49a90a6d4d61cd31c25193a1b4bf7d3ead83782ab8e2b30220bbeecaa8e5405d9

  • SSDEEP

    1536:7tp3RNRjAp+2hw1iKvkb9FAB/VOm4y3kn:7tp3RsGNvkb9UNOm43n

Score
10/10
xwormdiscoveryransomwarerattrojan

Malware Config

Extracted

Family

xworm

Attributes
  • pastebin_url

    https://pastebin.com/raw/64jXYT6E

Targets

    • Target

      q2e132qweertgd.exe

    • Size

      54KB

    • MD5

      ce936711c2d764e67a57275d6d7b309c

    • SHA1

      df21d4952edb1d1e14153080fbe23a367e07660e

    • SHA256

      b6b4f3d76be11cba85b433e54f37181dc669422de50b3f9db049196d96e241c2

    • SHA512

      0f8c4e69b175df6cc9783d77741d0ceb5d578d8e738bebebcb9cad283ac933a49a90a6d4d61cd31c25193a1b4bf7d3ead83782ab8e2b30220bbeecaa8e5405d9

    • SSDEEP

      1536:7tp3RNRjAp+2hw1iKvkb9FAB/VOm4y3kn:7tp3RsGNvkb9UNOm43n

    Score
    10/10
    xwormdiscoveryransomwarerattrojan

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

      trojanratxworm

    • Xworm family

      xworm

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks