In this article, we explore how XWorm uses USBs to spread to other machines.

In this article, we explore how XWorm evades defenses and establish persistence.

In this article, we explore how XWorm employs obfuscation, encryption, and anti-analysis techniques to evade detection.

In this first article of the XWorm series, we explore the basics of analyzing this RAT (Remote Access Trojan). We identify the type of binary, analyze managed vs unmanaged code, and introduce the key tools for its analysis.

In this article we will dynamically analyze the C2 agent we previously obtained and evaluate ways to interact with it in order to understand how it works.