xworm | invoice[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

invoice.exe

windows7-x64

invoice.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

invoice.exe

Resource

win7-20220812-en

xworm persistence rat trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

invoice.exe

Resource

win10v2004-20220812-en

xworm persistence rat trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

invoice.exe
Size

43KB
MD5

eaba241fd96f328f0ba331c87d5976f8
SHA1

11be3a7a261f0fa91b8253a3b51ca1067d0bee22
SHA256

3f5ea720ad54f5fcb59a2989a484b08e01a82b69bb9715f18afaf2aabc35a7df
SHA512

9c4bb5ffa999fd60d3eb884dac68428378a8a5797d1b457fb2f2cd96679e4e6be156317dc3a64c7b3e35f0527c7171bb95098904d04f44fe776915e32351c38e
SSDEEP

768:75FpQGqDiJxkG6mG0LvUI++WUxjVMjBbGiU2NsoKr:7HJKG6mGy8X+WUx5qBGUWr

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

C2

44.201.221.153:7000

Mutex

lNcfNBcZtP4BnDMx

Attributes

install_file
tst.exe

aes.plain

Signatures

Xworm family
xworm

Files

invoice.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy