xworm | 6c3b32c5943348676c2b0e418c5f08e65fe34ea00439c67c1959180a656736ed | Triage

Submit
Reports

Overview

overview

Static

static

XClient.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

XClient.exe
Size

32KB
Sample

250520-y1kqpsbr9y
MD5

e2b2749a4897f9de76088f1ce20b42b0
SHA1

3c0ca03615315f2ddd7ea32e554715839255ea3c
SHA256

6c3b32c5943348676c2b0e418c5f08e65fe34ea00439c67c1959180a656736ed
SHA512

c1fb3d3c9dd9243652bc0fe55fb9ef6babccc6d9280f614b27deff9473c5a9a0d2015fdaedf4616d3435322cd78083010c0ac974ced127b5a74c7d8d3091cdba
SSDEEP

768:2Va+vNtg+PB93Tw42JzVFE9juMoOjhQb2:4vNtgw93U42DFE9jboOjea

Score

10^/10

xworm rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

XClient.exe

Resource

win10v2004-20250502-en

xworm rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:7000

Mutex

VknT8sf1HIXeDf5v

Attributes

install_file
USB.exe

aes.plain

Targets

- Target
  
  XClient.exe
- Size
  
  32KB
- MD5
  
  e2b2749a4897f9de76088f1ce20b42b0
- SHA1
  
  3c0ca03615315f2ddd7ea32e554715839255ea3c
- SHA256
  
  6c3b32c5943348676c2b0e418c5f08e65fe34ea00439c67c1959180a656736ed
- SHA512
  
  c1fb3d3c9dd9243652bc0fe55fb9ef6babccc6d9280f614b27deff9473c5a9a0d2015fdaedf4616d3435322cd78083010c0ac974ced127b5a74c7d8d3091cdba
- SSDEEP
  
  768:2Va+vNtg+PB93Tw42JzVFE9juMoOjhQb2:4vNtgw93U42DFE9jboOjea
Score

10^/10

xworm rat trojan
- Detect Xworm Payload
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy