General

  • Target

    cdba8c58e4d9e0a5e0b5053b8198f302.exe

  • Size

    206KB

  • MD5

    cdba8c58e4d9e0a5e0b5053b8198f302

  • SHA1

    f2eea90e6d683f6d9c3dd973c33ccb526160ea05

  • SHA256

    ff0bd362c496178316aa66375828349d11825dd9afaa90c5ece39a401e4e0a7d

  • SHA512

    34cd31b65b587ae1abd59ec37d80c3036eb75730182a2b72f4d544d40325654f07588c72a32f738f13a4d67dc05013f3c978430fdcdb07d8e23ee78905c2c069

  • SSDEEP

    3072:A5zMHfo7HFI9UtOwp8SKfbzxcwg7es6/Vsb8VKTup49oJMfF/H9N3Ky9NzLnK:ASelI9kUhcX7elbKTuq9bfF/H9d9n

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

Mutex

KspRabpn35rQf3I6

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

  • pastebin_url

    https://pastebin.com/raw/yLqnBLCS

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • cdba8c58e4d9e0a5e0b5053b8198f302.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

