xworm | 7cb42251a56a23eb077e5d6f28ab27e39f8373d9cb1d86463e6ea102219ab701 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

WindowsApp2.exe

windows7-x64

WindowsApp2.exe

windows10-2004-x64

Sharing

General

Target

WindowsApp2.exe
Size

223KB
Sample

250309-nqdjjazr17
MD5

aab1144f534667981033ed7c01b17c78
SHA1

df5b13810ba6523658aebcb30997957e724c1bea
SHA256

7cb42251a56a23eb077e5d6f28ab27e39f8373d9cb1d86463e6ea102219ab701
SHA512

018ae021c52f5a57e64d9cc47b1ca20d3838b76dc930e84e82e4058997d6cd4c89ba90db2273e51df3a1c19c328f988c253659e7b8545591c637021d765d3abe
SSDEEP

3072:KDJBnhJWr9osRPC9M9HfjSfpjrOpFeeIwxaZKgkoDaPT7HKTPGGFHtpx0bIO:ie9osScHfjSfhKpUtuAKgkdHu+G0

Score

10^/10

xworm rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

WindowsApp2.exe

Resource

win7-20241010-en

xworm rat trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

WindowsApp2.exe

Resource

win10v2004-20250217-en

xworm rat trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

xworm

C2

any-attraction.gl.at.ply.gg:27770

Attributes

Install_directory
%AppData%
install_file
USB.exe

Targets

- Target
  
  WindowsApp2.exe
- Size
  
  223KB
- MD5
  
  aab1144f534667981033ed7c01b17c78
- SHA1
  
  df5b13810ba6523658aebcb30997957e724c1bea
- SHA256
  
  7cb42251a56a23eb077e5d6f28ab27e39f8373d9cb1d86463e6ea102219ab701
- SHA512
  
  018ae021c52f5a57e64d9cc47b1ca20d3838b76dc930e84e82e4058997d6cd4c89ba90db2273e51df3a1c19c328f988c253659e7b8545591c637021d765d3abe
- SSDEEP
  
  3072:KDJBnhJWr9osRPC9M9HfjSfpjrOpFeeIwxaZKgkoDaPT7HKTPGGFHtpx0bIO:ie9osScHfjSfhKpUtuAKgkdHu+G0
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy