General

  • Target

    12b9fd9acbc1ad0d11ea58a6930f119c.bin

  • Size

    34KB

  • MD5

    de516b715012928bac09fe1895d462c1

  • SHA1

    85472ddf7a36c98a47abc4347cd7a086fe5319a2

  • SHA256

    e942b259d8288d08b40f32da5ae64d3248279996c163e373306b26b959cf97fa

  • SHA512

    7cce8cc272ff11572fed383d51762c241511d1a3ebfd3fd22553f650e492960ce23f0c089aa9612aa87d7dbc520effcfd73f91cdb484a67895bfd60197e0ec2f

  • SSDEEP

    768:kWxPCeRl1h2jINQniqdjlskzJMxTWVX8/pUqb5L1xSYfrr9yf:DCeRDh2jaQiksQMy8RUGQorpyf

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

serverwindor.duckdns.org:5000

Attributes
  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 12b9fd9acbc1ad0d11ea58a6930f119c.bin
    .zip

    Password: infected

  • 83b91f098157b5ba0147972c1d5c4d751d66fc59d7645e2e643ce863101f6d52.exe
    .exe windows:4 windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

