XWorm-RAT-V2[.]1[.]exe[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

XWorm-RAT-V2.1.exe.exe
Size

6.2MB
MD5

6b44d0c3245a94a3be3233407096fd68
SHA1

cdd7e11bfbb187d36c47b74c7adab9645392b7bd
SHA256

42a1ea9bfdcc125b164a80f14b66d22869e5dc21d469d02ad0385ad8304cb2e5
SHA512

0e14bac336f758b737b02d014d8d086eaa14d3834c41a74e73a30657f1dfa1896ae2337234383eb51460232b622900178502d51cab12af471506c5bb9e10ed7e
SSDEEP

196608:8q+8TdYvFpe+0oMZUYUIcILXqNt2WIc1L:rtZWpoo0kIcqaNAZG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
XWorm-RAT-V2.1.exe.exe

Files

XWorm-RAT-V2.1.exe.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ