xworm | chromeexe[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

chromeexe.exe
Size

40KB
MD5

ad7ede4ea1083ef1c64864bb261eac3c
SHA1

f3c1ae65b0a9c0e02fff486da433f008bd55ba9f
SHA256

25b89de1c10abf58b67d1ff75ef998238b6cdeba70a737dcffc188dcc52e1bf6
SHA512

f9e2f691f69b906e2cfd56ce17ce74620e6a0e518cb0bb55761832e6ae85662b195df20fd3109a25ecec4e6240c0374de0094c4dc3b674ecd323caa6ed40c41e
SSDEEP

768:hfSHZWy+t6WYqdEwNJcy9SKdV2UKkJRil:h0At6WY+RZPZr8l

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

C2

german-sip.at.ply.gg:3690

Mutex

FdKI0fxlMgSpF8ex

Attributes

install_file
USB.exe

aes.plain

Signatures

Xworm family
xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
chromeexe.exe

Files

chromeexe.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ