Overview

overview

10

Static

static

10

void_tempspoof.exe

windows7-x64

void_tempspoof.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    void_tempspoof.exe

  • Size

    236KB

  • MD5

    be3c3295fed7c342468dba61e5533e47

  • SHA1

    dc8b0c07f5ac768a3409779cb6b58f0c59564694

  • SHA256

    89086a2228ff7802d52cd6250faccca3214de2b088571020d10cb2a299872b78

  • SHA512

    07401d4135139971a4038c71b27c74ddd34b9951ac3796409330bdf4e21b4415b42e6def28f64210eb8d8a8da0e206aaae34dea4afbef369a10cab13bf06bcf3

  • SSDEEP

    6144:p2o/xTkO/umxc5iXPqfghy/PC3X8mPCSr:wUomx6i/e+wqn

Score
10/10
vmprotectxworm

Malware Config

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • void_tempspoof.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections