Overview

overview

10

Static

static

10

19b612d825...0d.exe

windows7-x64

10

19b612d825...0d.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    19b612d8258a3c6300227a5270bf0e0d.bin

  • Size

    189KB

  • MD5

    19b612d8258a3c6300227a5270bf0e0d

  • SHA1

    9ddafe3f33ea0cba2d7a75c1ca67d25d11227916

  • SHA256

    5470e1b97815a9c5454e037439cae4c6f4966d22aacdb90c6714cbde4616fcf0

  • SHA512

    c6e675aa27bcbe0e395cf54bf871fb32a1af28f3fb7ff56cd6818fe912918a565c9cce2935c42495ede3fd0ff12935723ed2f1ead372d9bbbc68d0b468891005

  • SSDEEP

    3072:qb5EbX3RagibJ9o/VW43OkyiC2Bz65/M6If+3Js+3JFkKeTnY:aUHAgibI/Q4DC2xBt25

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

140.238.91.110:33439

uk2.localto.net:38769:33439
Attributes
  • Install_directory

    %ProgramData%

  • install_file

    WS64XENDISA.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 19b612d8258a3c6300227a5270bf0e0d.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections