Xworm V31 Updated -

Capable of launching Distributed Denial of Service attacks and functioning as basic ransomware by encrypting files. Technical Analysis of the v3.1 Update

Uses "Living off the Land" binaries (LOLBins) like Msbuild.exe and PowerShell to execute code in memory, bypassing traditional disk-based antivirus. xworm v31 updated

The v3.1 update focused heavily on and anti-analysis . Researchers have observed it using a multi-stage infection chain: Capable of launching Distributed Denial of Service attacks