General

  • Target

    tmp

  • Size

    38KB

  • MD5

    c07bd6f1db41c8a777f7315b254e9c42

  • SHA1

    6151b17545888c1304e8b6b28a2071fe94c9e79f

  • SHA256

    49ea02a2e7f76432f2b474d07bbdd250543671e084e5e8c99a096b46af30d95d

  • SHA512

    83979cc3f66d72931815be5a283b754c7a972fd1dbcf0df500f93e3c4d221407a26b047e8c6ec9f65113f2846db0aad46d88bf3cf8a3b8c47d26a0485155f8dd

  • SSDEEP

    384:uRpzjSrmqWzFVTD+i8cEv2uBLYRVAGpK94rFo1c0/pkFMAzNLTOZwg3OcvK9IbjD:iFuCzADYRy94Bo1cTFh9P8OMhS4j

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

79.133.57.122:7000

Mutex

pvC9E3QrtLsVzQQr

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • tmp
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

