General

  • Target

    XWorm V5.0.exe

  • Size

    11.2MB

  • MD5

    3167d13d705dce86c4cd6b9765e220aa

  • SHA1

    ec50d9b045753173f9f6aa18af5c684a619fd616

  • SHA256

    9836b324a9a693050de20893b9ec1f6bd9c7d9b03eaf21112947cb82183c2016

  • SHA512

    88e59013ca52f9e62975d16d2085e90a0fceffc8de1f0d7aed0bff589a09720cce8e24c147edeeada4af5d5319f5ac5df5a686b21fa1f41bdd3ffab1bc54a3d4

  • SSDEEP

    196608:359nhcOWSxxgQHl2np1eY5J5itQaZWtU8i/MJYR:3RRWQBQnpji1W+8i/T

Score
10/10

Malware Config

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XWorm V5.0.exe
    .exe windows:4 windows x86


    Headers

    Sections