General
-
Target
Xworm V3.0 Cracked By ESCANOR.rar
-
Size
50.9MB
-
Sample
230312-2jrz8sff87
-
MD5
9beb2a6a3c038b593c1097f7c45b2f32
-
SHA1
380808ebc23db6d49b5e0bf8a044ce1d9acb543d
-
SHA256
98293075b20ad86a0c98fdb2ac14decc7752232a94c6da5fa77d8cbb04894b23
-
SHA512
e8c777eea7d47a8dec3969604ff1895b8dfbd9841ec4621ecbe990fe1e7e0b892335cce6de34f4d8d0853baf086a6f8e42b2800b0c30c2298399b4f8a6367de3
-
SSDEEP
1572864:mUxIGaiWa5+yreZ9LQjC6uWv5+yreZzUxIGaU:mx1tZy89LaYy8zx1U
Behavioral task
behavioral1
Sample
Xworm V3.0 Cracked By ESCANOR/Xworm v3.0 Cracked By Escanor.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral2
Sample
Xworm v3.0 Cracked By Escanor.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
Xworm V3.0 Cracked By ESCANOR/Xworm v3.0 Cracked By Escanor.exe
-
Size
11.3MB
-
MD5
87c0e0489f690aca435b7fa0b41a9b3e
-
SHA1
53e3f67c3c800866eca4d69b6d0a88913f195e6d
-
SHA256
65143d900e8afe9b3254cd47a59b127f2b12601417140149e931aaf1a3270fc4
-
SHA512
97ff1fb38f7179026d832edacfac1579bba9c1c6fd54e2928479c3f97e143a0a65661685e12227c3a087fa499deb02a7995d051a1894906361705bd8d9477db7
-
SSDEEP
196608:tlc4uM1wTF49PkNM6cyXKoRkLZvaU6ScXc4sqgCzlMNxKa+M9d:tlc49W4uNM6cyXKS4vKSoiqgASNUPq
Score
7/10
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
-
-
Target
Xworm v3.0 Cracked By Escanor.exe
-
Size
11.3MB
-
MD5
87c0e0489f690aca435b7fa0b41a9b3e
-
SHA1
53e3f67c3c800866eca4d69b6d0a88913f195e6d
-
SHA256
65143d900e8afe9b3254cd47a59b127f2b12601417140149e931aaf1a3270fc4
-
SHA512
97ff1fb38f7179026d832edacfac1579bba9c1c6fd54e2928479c3f97e143a0a65661685e12227c3a087fa499deb02a7995d051a1894906361705bd8d9477db7
-
SSDEEP
196608:tlc4uM1wTF49PkNM6cyXKoRkLZvaU6ScXc4sqgCzlMNxKa+M9d:tlc49W4uNM6cyXKS4vKSoiqgASNUPq
Score
7/10
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Legitimate hosting services abused for malware hosting/C2
-