General

  • Target

    0x0007000000004e76-141.dat

  • Size

    375KB

  • MD5

    216ef921adac2bbb51ff6331f61b19e7

  • SHA1

    90c3cfc3b78daa2bfa12d26dbd765fbfd4bc510d

  • SHA256

    5d717d35b913ff6d13c408f294d899ca58bb321598426eca2bea71b9e6edd9ce

  • SHA512

    33b817fe0b8bcca66173dd293de6a4926b5195a990ee575a378eb4c71610dc68bb3e36b70f4498bd8a2fc9d12283b05a8fd296d2108554105f0e49fdb9e89f0c

  • SSDEEP

    3072:TS0WP4rKvs3PGvbDis7GF3iO0FrEwMR94jVEUbRRYcWD/j/JJ9eGwUWNxo+K98Pn:T/KE3Ovb/KF3wIUEUVRxK/LKG9kv/

Score

10/10

Malware Config

Extracted

Family

xworm

Version

3.1

Attributes

  • Install_directory

    %ProgramData%

  • install_file

    SecurityHealthSystray.exe

  • telegram

    https://api.telegram.org/bot5370417334:AAEZrEauqhTNZInhZ9_-SaapQJIi0hIvjJU

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0x0007000000004e76-141.dat
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
