Overview

overview

10

Static

static

10

0x00060000...20.exe

windows7-x64

10

0x00060000...20.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0x0006000000022e58-20.dat

  • Size

    38KB

  • MD5

    390e5361e31cbc929e847ac6eb52fc83

  • SHA1

    dbe0142f900ca40b01756f65f6059a073e776c37

  • SHA256

    df501e6c611c658df919bbe959e54b1080da39511a7de35ab3b5146e32584728

  • SHA512

    da8c785cf64c6d4ebfe6b4610ff51fccf5276dcfb87a5e7c4ba5dfe3ad1637ad1fc2ebff48073e5a948c2ac54dfbd97c7e60810942be80e1686a53fd892674d9

  • SSDEEP

    768:ouTCWuUSucWKwJwqv2QHF89EP6dOMhg4d:ouTspTw/2MF89EP6dOMWm

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

5.182.87.154:7000

Mutex

Tb9D0Kzf4g8Fpa6f

Attributes
  • Install_directory

    %AppData%

  • install_file

    MShelper.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0x0006000000022e58-20.dat
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections