xworm | ca6aeab0c4a81955de600f3893486d3350c2959678a429f58a8b3d3b9ebf765c[.]zip

General

Target

ca6aeab0c4a81955de600f3893486d3350c2959678a429f58a8b3d3b9ebf765c.zip
Size

17KB
MD5

c2bf8a2091569c6dced7a8dfea594671
SHA1

373bcb303df7f6358de6ba8987561964b7d37897
SHA256

aaa61ff9c4c55ba6c730f756810bea081bcf5aadb63aa2bc28ccf783024b28e5
SHA512

5afad47f41a37fb044ed35150c9a8b1ef4dff44b71293be1db869a39e0468b874166096685c8815f04d91b62e30bf880335d6166ba3f759a30f9211fe4949268
SSDEEP

384:F+FwLS0iNYMl3vuDvSDgr+1DRz9QRculFTdISJx9pO6U+a:oF8S0iNDl3vmaErGz9fqPjfO6Ub

Score

10^/10

xworm

Family

xworm

C2

daddy.linkpc.net:7000

Mutex

tiBM2lLdmw5onVxB

Attributes

aes.plain

ca6aeab0c4a81955de600f3893486d3350c2959678a429f58a8b3d3b9ebf765c.zip
.zip

Password: infected
ca6aeab0c4a81955de600f3893486d3350c2959678a429f58a8b3d3b9ebf765c.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ