General

  • Target

    gorillatag_menu.exe

  • Size

    77KB

  • MD5

    403af13cc3607239eb22573d0c10a79f

  • SHA1

    f0647b160ad32b887b0a43857be6a1e39cfa5f60

  • SHA256

    a952766d22bea001e29076708dcc6b9938b59aba360604a6867c9245c75c4a25

  • SHA512

    e5c7621a178ab94e284e40905fc3dbd300df7636e20028f2c79ccdd8b2e1e2d651063f1de75b1579aa261b765ebc2fb765e09c57cd3779ab21c87c9f2cd6f997

  • SSDEEP

    1536:StKwir1qN2h4r6gHMbtNPFyPrs6FM9Owuw2vU2H:4krQhugHMbtaPCOLw2vzH

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:6969

192.168.68.64:6969

172.250.130.213:6969

Attributes

  • Install_directory

    %ProgramData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • gorillatag_menu.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
