General

  • Target

    xwormwithstart.exe

  • Size

    35KB

  • MD5

    971cd0e08332f5bdff531d8a360f2f60

  • SHA1

    1feb60ea2021efa641566b05d8f8f140260e7418

  • SHA256

    52634ade55558807042eae35e2777894e405e811102e980a2e2b25d151fde121

  • SHA512

    8c9d36a008133653e4bc8cd2dc1170b290603a1c46f872bf321a97d3c0009ff959282bc312aef84ed58737501ffb3953f7b0e02e9ab66e27f90155951a2f3d43

  • SSDEEP

    384:Ogg9j00WbqxAMTayV5N+5maFZZL3CRpJm3/KNm0E0VgtFMAmNLToZw/RZCvK9Ik7:IB4QBTOl3Ck3CNsVFQ92VOMhbuvl7

Score
10/10

Malware Config

Extracted

Family

xworm

C2

momentmoney79.duckdns.org:8895

Mutex

NqvLox2KJ9Jkndon

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • xwormwithstart.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

