nworm | d8f9dc08fa8124e1657db0b46d16afaae7920aee1525e642f81690d24ba4b237[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

d8f9dc08fa...37.exe

windows7_x64

d8f9dc08fa...37.exe

windows10_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d8f9dc08fa8124e1657db0b46d16afaae7920aee1525e642f81690d24ba4b237.exe

Resource

win7-en-20211208

nworm downloader worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d8f9dc08fa8124e1657db0b46d16afaae7920aee1525e642f81690d24ba4b237.exe

Resource

win10-en-20211208

nworm downloader worm

windows10_x64

0 signatures

0 seconds

General

Target

d8f9dc08fa8124e1657db0b46d16afaae7920aee1525e642f81690d24ba4b237.bin
Size

16KB
MD5

761a562ffe8956f35bd62e0ac3437a87
SHA1

f155198f6623d4d668040aa9c880d0dfc7bda6ba
SHA256

d8f9dc08fa8124e1657db0b46d16afaae7920aee1525e642f81690d24ba4b237
SHA512

4c91c4151bab882eab4b38bca4b5c4f5c708bcb5378e5e75a8c2ba3ebbc6269c44c0392358fa794c0a9e7382cc78ec3df3b1f6b6cd3299d4698dfb17ca5ad1c7
SSDEEP

384:7c71T+Rh/1xo48U8Q8bfKMwmJ2cX0CcoB+D:7c7sxro4IXbyg39co4D

Score

10^/10

nworm

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

66.70.242.36:8080

127.0.0.0:8080

Mutex

6cc4fade

Signatures

Nworm family
nworm

Files

d8f9dc08fa8124e1657db0b46d16afaae7920aee1525e642f81690d24ba4b237.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy