General

  • Target: AWS 5.1 @T00Ls.exe
  • Size: 74KB
  • MD5: 906c1cb5955cd814d20a19b11b4e7cec
  • SHA1: c58398b334262726ea454a0224a12162e7cdb291
  • SHA256: da2f35f0e00e9c6d7fcf28d3e9023df038996e2c2f16b193f19d2af98ae0cee5
  • SHA512: e8737aabc61936875d5fe8b60d03eae94a7dedd9c7906624546b6e638a4c80875042011417f7ad32acf144d48d53dc3fcbb4918a50b4b532d1c58882a9cb45bf
  • SSDEEP: 1536:F4lE33CnWrzJvEEr9EhjdjoCztOHbOm3fGLuCWUd6boO0v20d:FSU3zJkhjiCBOHb93AlWURO220

Score: 10/10

Malware Config

Extracted

  • Family: xworm
  • C2: R3dm0v3-52006.portmap.host:52006

Attributes

  • Install_directory: %Temp%
  • install_file: Edition.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • AWS 5.1 @T00Ls.exe
    .exe windows:4 windows x86 arch:x86
    MD5: f34d5f2d4577ed6d9ceec516c1f5a744
