General

  • Target

    400000.RegAsm.7z

  • Size

    15KB

  • MD5

    81a73f1a0ba950a4796d5b1f28939403

  • SHA1

    699a2152b65b1125e957c24779ef571efa9c39cf

  • SHA256

    ffa17ede641aeee90a3222fdd0bda6c0e4b1c604999708747af677a44345b12c

  • SHA512

    03c121c2a5bc6eebc5d76339f54e4550745f6d207512dc5f3812f58169d404860e1cc97674724c1b69b44518f39cc4a87769deb4c50f2babefa1fedd2a52e23c

  • SSDEEP

    384:/7VAxs05VvxPgUBMG493utxAhe9F3gx8Q2fO6aoh:/h4Vv9GVwNwWh

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

tcxerr.duckdns.org:3287

Mutex

qM3OcxTIElPXVLgT

Attributes
  • install_file

    USB.exe

  • aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 400000.RegAsm.7z
    .7z

    Password: infected

  • 400000.RegAsm.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
