General

  • Target

    868142ebdb38de361d4a3cba65dc84a0.bin

  • Size

    17KB

  • MD5

    a90eb2a1906dc108b9c7ad8b1b2e9949

  • SHA1

    90b8b50dc66ab153170d57f33d714f2291f0193f

  • SHA256

    b0ee9d7b623c1fa97aee5dee4c8382b33f539968f4e0631c1cbc40be979c7828

  • SHA512

    561145d223ff12e56f6d2f72a58e5b5595644824ead8c5efc98d9b5b7b902647b560f6fc566d0453b38d8d6079634a4fe959f0ff13804c883da812462753aa8b

  • SSDEEP

    384:XuuyuBk1xU/DG/MwxVAAq+t2UuA+Z4ysNomSjFHVmKh6J:XuuNYxUrG0KyAqk8XlsNoJHVmKh6J

Score
10/10

Malware Config

Extracted

Family

xworm

Version

2.2

C2

septiembre2022.duckdns.org:3130

Mutex

xhfFKjnT0vIof1OB

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 868142ebdb38de361d4a3cba65dc84a0.bin
    .zip

    Password: infected

  • 87b2797f05debda5a97abab75511afdb42a2992fd8ca45e094b26bef558397cf.exe
    .exe windows:4 windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

