XWorm 3.1
Threat Analysis: Dissecting XWorm 3.1 – The Evolution of a Modular Stealer
Surveillance: Real-time screen recording and monitoring of all running processes.
White Paper: XWorm 3.1 – A Technical Analysis of the Modular RAT
Date: October 26, 2023
Classification: Public / TLP:WHITE
Prepared by: Threat Intelligence Unit
Furthermore, XWorm 3.1 attempts to terminate processes associated with Windows Defender, Avast, and AVG by injecting code into services.exe to call TerminateProcess on MsMpEng.exe.
Registry
- Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- Value: Random alphanumeric characters pointing to the dropped executable.