General

  • Target

    9ed8f212c10771fd7976c0524a3840e8.bin

  • Size

    38KB

  • MD5

    34e375011104a4db4d30e4c6cb35ae8c

  • SHA1

    4b810a64797c429f8502169f6289d66fe9802cf7

  • SHA256

    77425b9d0e90ccdc5609ff7521a30553ecab74abdd4124cf4717a8092e257bf1

  • SHA512

    ec962e4b8a8967279ad9a044a0e017fb12b2066c8ce2a1a8b25499b1c5732f97df06969a8d5cfbda4c7dc463272618d00c8fe80af2d482b00cbd5325d7c9505d

  • SSDEEP

    768:B1+Ag3E9DhxNlBfkk278ZDyd0GJT2TNTK7reC2UuuHxW0isFsd4:X+AgAxN4kQ8od9JT2JErAUBHU0iF4

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

0.tcp.ap.ngrok.io:14440

Attributes
  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 9ed8f212c10771fd7976c0524a3840e8.bin
    .zip

    Password: infected

  • cf479eb23e6252acce467b8cfc14182ac725659ef8fa5c28b9271a067756955c.exe
    .exe windows:4 windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

