XWorm (Malware Family)

XWorm

Malware with wide range of capabilities ranging from RAT to ransomware.

References

2024-04-15 ⋅ Positive Technologies ⋅ Aleksandr Badaev, Kseniya Naumova
SteganoAmor campaign: TA558 mass-attacking companies and public institutions all around the world
LokiBot 404 Keylogger Agent Tesla CloudEyE Formbook Remcos XWorm

2024-03-27 ⋅ Twitter (@embee_research) ⋅ Embee_research
Uncovering Malicious Infrastructure with DNS Pivoting
LokiBot XWorm

2024-03-11 ⋅ YouTube (Embee Research) ⋅ Embee_research
Xworm Script Analysis and Deobfuscation
XWorm

2024-02-22 ⋅ Medium b.magnezi ⋅ 0xMrMagnezi
Malware Analysis - XWorm
XWorm

2024-02-01 ⋅ YouTube (Embee Research) ⋅ Embee_research
Xworm Malware Analysis - Unravelling Multi-stage Malware with CyberChef and DnSpy
XWorm

2023-11-21 ⋅ ANY.RUN ⋅ Igal Lytzki
XWorm Malware: Exploring C&C Communication
XWorm

2023-10-24 ⋅ CERT.PL ⋅ Jarosław Jedynak
Malware stories: Deworming the XWorm
XWorm

2023-09-08 ⋅ Gi7w0rm
Uncovering DDGroup — A long-time threat actor
AsyncRAT Ave Maria BitRAT DBatLoader NetWire RC Quasar RAT XWorm

2023-08-24 ⋅ ANY.RUN ⋅ Electron, glebyao, kinoshi
XWorm: Technical Analysis of a New Malware Version
XWorm

2023-08-23 ⋅ Twitter (@embee_research) ⋅ Embee_research, Huntress Labs
Extracting Xworm from Bloated Golang Executable
XWorm

2023-08-01 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm

2023-05-12 ⋅ Securonix ⋅ Den Iyzvyk, Oleg Kolesnikov, Tim Peck
Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads
XWorm

2023-04-07 ⋅ Elastic ⋅ Salim Bitam
Attack chain leads to XWORM and AGENTTESLA
Agent Tesla XWorm

2023-03-30 ⋅ loginsoft ⋅ Saharsh Agrawal
From Innocence to Malice: The OneNote Malware Campaign Uncovered
Agent Tesla AsyncRAT DOUBLEBACK Emotet Formbook IcedID NetWire RC QakBot Quasar RAT RedLine Stealer XWorm

2023-02-02 ⋅ YouTube (Embee Research) ⋅ Embee_research
Xworm Loader Analysis - Decoding Malware Scripts and Extracting C2's with DnSpy and CyberChef
XWorm

2022-08-19 ⋅ cyble ⋅ Cyble
EvilCoder Project Selling Multiple Dangerous Tools Online
XWorm

There is no Yara-Signature yet.

XWorm Propose Change

References

XWorm