General

  • Target

    0916e609fd3361474a80c2c6cb9d8748.bin

  • Size

    32KB

  • MD5

    0916e609fd3361474a80c2c6cb9d8748

  • SHA1

    498286fd798a8b607df4237e61036a59ff00183c

  • SHA256

    5a24eb5e467a6eb18322b96466540ef25b5b3dedfd024e33138e86a50ca9795c

  • SHA512

    359bb9a917fd5e19991fbbebfe4285e0e07c4f07bd07f9363ad2f39ca6d5cc0c5ce5451f89eeed83dc02c775eefa744397edf2ce20658367a3d9452b813adc4f

  • SSDEEP

    768:lUa+vNVBBdfwoso9qimZ6VFY9jN3Ojhnb5:ovNVGorfm2FY9jN3Oj51

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

0.tcp.ngrok.io:19128

Mutex

j1E5wMJMVe7GDlMg

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0916e609fd3361474a80c2c6cb9d8748.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

