General

  • Target: rbxgeneratorv2.1.34.exe
  • Size: 39KB
  • MD5: 6321be14c72b04f710c8c75985d7a063
  • SHA1: c0e2687d5685e9f669e4e7055fa56774037b0a8e
  • SHA256: c357bc42f673dda1a496d3e879caf654cadf19e451a5867b529b7fd9b77c654d
  • SHA512: 4506c8ee13f03b134d255d5c4a5ced4221940d2afd345ec3a21e2fa09b6ccf0a42f832a50e1662c7c2497a7d4618425727b1c947e417ea33e782c76d62ba3e3b
  • SSDEEP: 768:w2qvGo8BxkRjTsJQsiA5t5SNR4tF5Pa9IpOMhw3EhsQA:wvGoKxkRjTrfA5fGRwFg9IpOM2Aa

Score
10/10

Malware Config

Extracted

  • Family: xworm
  • Version: 5.0
  • C2: traffic-statewide.gl.at.ply.gg:20234
  • Mutex: aoCbav8IDOT7Hdf9
  • Attributes
      • Install_directory: %AppData%
      • install_file: winlogon.exe
  • aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • rbxgeneratorv2.1.34.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
