Overview

overview

10

Static

static

10

bR8W.exe

windows7-x64

10

bR8W.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    bR8W.exe

  • Size

    31KB

  • MD5

    be407d2215206315749a86c0c7ce41c1

  • SHA1

    e99a61180d8f4faa1b2f8abe4eccbda23adaae39

  • SHA256

    6f44657e4711c10dbaa7ee19a38a5d327a9c3b8f0cd139cb416968a11ffd9ad4

  • SHA512

    cbe6bcfb44ea8f805fd2bddcae3f80c79d3f99d9dfbc201147710baf6791b0af684a7d757acd3eabb4d39df64e779c3ac5af1df50eaa0406b832c3d30992ed37

  • SSDEEP

    384:k3rVqCDweO/ace/VgFpLJPXwDs2ETIiqqR+gtFqBLTiZw/WNCvK9IkVuAxOjhL/t:NzT5gePqqZFr9RtOjhL/7vR

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

2023navidad.duckdns.org:7080

Mutex

miM6jUDn5LQiuxfm

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • bR8W.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections