Overview

overview

10

Static

static

10

887e65b176...7c.exe

windows7-x64

10

887e65b176...7c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    887e65b17618997a40c4ef8eddc00692d5ca47edcc2dc866442e86f06464ca7c.exe

  • Size

    30KB

  • Sample

    240701-qp3hdatgjb

  • MD5

    7cf002ea425739f1cae19423a4db5be1

  • SHA1

    b76881cdaefef894be189236519b7ef617cabb25

  • SHA256

    887e65b17618997a40c4ef8eddc00692d5ca47edcc2dc866442e86f06464ca7c

  • SHA512

    d78d6c6e1adb799348104c7eac46dab4d99b6923785a516d3f1936eff7b45d4b5dd036e6d9755a39f82b50eab0778b7c1e3cc5a41e23cf0f3d5a53f84ca11e5b

  • SSDEEP

    384:87wTA+5OfPgEBQqWvfcQLZe3s80hYACSqReAw2uRugtFuBLTIOZw/WVnvn9IkVuO:GrgECfLH8MYAoReJ2uBFE9RaOqhhb4

Score
10/10
xwormrattrojan

Malware Config

Extracted

Family

xworm

Version

3.1

C2

daddy.linkpc.net:7000

Mutex

nFioEGSTQOllAlWi

Attributes
  • install_file

    USB.exe

aes.plain

Targets

    • Target

      887e65b17618997a40c4ef8eddc00692d5ca47edcc2dc866442e86f06464ca7c.exe

    • Size

      30KB

    • MD5

      7cf002ea425739f1cae19423a4db5be1

    • SHA1

      b76881cdaefef894be189236519b7ef617cabb25

    • SHA256

      887e65b17618997a40c4ef8eddc00692d5ca47edcc2dc866442e86f06464ca7c

    • SHA512

      d78d6c6e1adb799348104c7eac46dab4d99b6923785a516d3f1936eff7b45d4b5dd036e6d9755a39f82b50eab0778b7c1e3cc5a41e23cf0f3d5a53f84ca11e5b

    • SSDEEP

      384:87wTA+5OfPgEBQqWvfcQLZe3s80hYACSqReAw2uRugtFuBLTIOZw/WVnvn9IkVuO:GrgECfLH8MYAoReJ2uBFE9RaOqhhb4

    Score
    10/10
    xwormrattrojan

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.

      trojanratxworm
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks