General

  • Target

    3f739948360e968ba04d0eeafaad6341.bin

  • Size

    38KB

  • MD5

    3f739948360e968ba04d0eeafaad6341

  • SHA1

    7d39279f6a62b87d2c343fbaa78c784f072747f0

  • SHA256

    9e5612cd0949cb21b3d12491294ebe173571c1a665014dbbce7f7ebb995d42d0

  • SHA512

    7571d334364c60c69ed7ff4fff6cd4e1d69ff7f639ee002c58179828f5708be24f7fc1559a8b996e27757991a92e24f0d9c1410a660d1f7a0843810029bdcfb8

  • SSDEEP

    768:6NmIHR3/9Vj3gVY94Bo1cTFh9PHYOMh54E:6NmIHR3/9VkmCo1UFh9PHYOM3D

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

45.88.77.20:7000

Mutex

KVPcqClYsIf52MwY

Attributes
  • Install_directory

    %AppData%

  • install_file

    DEVIL.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3f739948360e968ba04d0eeafaad6341.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

