General

  • Target

    PATHNK.exe

  • Size

    67KB

  • MD5

    c6317364283770fdb6f84b2de5bf8ac4

  • SHA1

    26fb5faf27dae058e80e3cdcaefb5df1c99fd1ff

  • SHA256

    34cf8c1738cb354ab3f71cccd889bba6e46ad29d71a506cc12d1157d5f1679a2

  • SHA512

    b4374d0c5f362e1b4dfe72a21d739ba95edc16c54c39065bb9d3dee8ff86805a6f1ebd2ff08d227ee2dc887d810956bf386bc1f2c832f611b9923e1972f5adf8

  • SSDEEP

    1536:KEkzw1DFyZeGX6wPbTh4wCTkb5TSlcjx6Nbi6y2VORiK:7kwx4eGX6wPbHb5SlE6NbXORiK

Score
10/10

Malware Config

Extracted

Family

xworm

C2

18.ip.gl.ply.gg:60865

Attributes
  • Install_directory

    %AppData%

  • install_file

    NerestPCchams.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • PATHNK.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

