Overview

overview

10

Static

static

10

dff170c8c5...05.exe

windows7-x64

10

dff170c8c5...05.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    dff170c8c5794f1c95dafd27ce5bf505.bin

  • Size

    72KB

  • MD5

    dff170c8c5794f1c95dafd27ce5bf505

  • SHA1

    20d6334a46b98bb1f21165c4f841d2b01a088367

  • SHA256

    718295664e70e466925e0bb73314118ed15b6fa7144989ec425be44458a0bf16

  • SHA512

    640d93ff5c512cbf31c3914cbacc7974a01e56fb9aed043c66e83570017aa035e75621e4ca29d7ee298bc43240242e1c569591de9b7a28fdd3a50ae31a4e97ad

  • SSDEEP

    1536:PZr3ovUToWCtZcTbbEy3X9BEtX4R36QzrecOHuTNIP:Ws5J3bESNtdOHuTaP

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

reply-accidents.gl.at.ply.gg:31474

Attributes
  • Install_directory

    %Userprofile%

  • install_file

    1XClie1nt.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • dff170c8c5794f1c95dafd27ce5bf505.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections