xworm | d9bd35ba318c3e05bd39807753ca196c65c4b49dc8b0d97dbccdea1fd21a38d8

General

Target

d9bd35ba318c3e05bd39807753ca196c65c4b49dc8b0d97dbccdea1fd21a38d8
Size

227KB
MD5

3e93ac1f8b58cf9970268a185b646223
SHA1

9fc2a714822e73a3bc992c9e6f2a711bdca7d56f
SHA256

d9bd35ba318c3e05bd39807753ca196c65c4b49dc8b0d97dbccdea1fd21a38d8
SHA512

334a6547d5e90bebe0675bda579752e48c29090f8b08097fcd3a9702f9c88a4fcf302985abc3e7ce8472dce7d0569e1cb7268b23eabc352ff1b2b06aef3d8ca1
SSDEEP

3072:EgFNd3Kt3itiyxxmCujEffXVT/+hGNR9bv7ODwcH5im98A57EF3Cf7jjL7w80ghe:EYaaOF0g7OVY/o9bc5jopy

Score

10^/10

xworm

Family

xworm

Version

5.0

aes.plain

Detect Xworm Payload 1 IoCs

resource	yara_rule
sample	family_xworm

Detects Windows executables referencing non-Windows User-Agents 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_NoneWindowsUA

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9bd35ba318c3e05bd39807753ca196c65c4b49dc8b0d97dbccdea1fd21a38d8