General

  • Target

    xuKxxBO9y1gH.exe

  • Size

    30KB

  • MD5

    8212befa9535a7ac7741fe49bbe653fe

  • SHA1

    60109b446fb61a6596c4e71723f9925474391a5c

  • SHA256

    575beebf842e93360ca595466fa746178421d969bba68868f0900f14769a1a32

  • SHA512

    31fee456fb592195d488147bd6b833beaa024a72ffc485e256babbe6ffd49aa4630a9216d19ec11cfd96306ff220eb785b1b19d7548b89e4d2304038d25a25d8

  • SSDEEP

    384:C7wTA+5OfPgEBQqWvfcQLZe3s80hYACSqRN9PD42uRugtFuBLTIOZw/WVnvn9Ikx:srgECfLH8MYAoRN9M2uBFE9RTOqhEb6

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

0.tcp.sa.ngrok.io:18384

Mutex

exSTHb25eUIigLYq

Attributes
  • install_file

    123.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • xuKxxBO9y1gH.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

