General

  • Target

    3f7913c73decfcac56e9f1c1bfb2779a.bin

  • Size

    17KB

  • MD5

    b4a93866507e7b995ed710e574c6bad0

  • SHA1

    ca4081b98c320022e2ec7e993d950ec37300aaf1

  • SHA256

    0186ea1ba2756886cb3f5286834054a75114d0103a9ae3689a8762ea129456b5

  • SHA512

    b058c6a15a1d4d1aad9b44a187af80518593d1d28ec1ac44aded926f185369edd38d460fac2ad2ee2106baf9a56b2d36489f48c675c1e13bfe7ebf106635f365

  • SSDEEP

    384:R7JeIbms5dLlZRW7l+0nvB9YQKjLV0eEob2HIUuy5SZ:vHHLfRfWvB9YQ6WFobSI6U

Score
10/10

Malware Config

Extracted

Family

xworm

Version

2.2

C2

septiembre2022.duckdns.org:3130

Mutex

5Eyk7TkepwJVWJFv

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3f7913c73decfcac56e9f1c1bfb2779a.bin
    .zip

    Password: infected

  • a088b9f3b8936f8fc7ef1c26a30e38b6fed5a08f20aad35a69733f2b83b9bffd.exe
    .exe windows:4 windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

