General

  • Target

    Nezur DB v2.exe

  • Size

    37KB

  • MD5

    d63d642d9ba3d299b5bf2c3df7f9930c

  • SHA1

    d930dd6c43acc41d474aec27ddf6ed0f56b65152

  • SHA256

    0aa9954f8a9156e8a72c6006edc0b11665966ef82cbf8c541317ca10227cfb04

  • SHA512

    65ad51dea2f003b402f8412656c045a93fc2d6aa7b894361bc2d6bfcc5dc261e20825cfbec5cd8061236386a5fe9e4061f5f2d84d8053e52a5bcd22ab33d1ada

  • SSDEEP

    768:Ye0gkkKOFnVlJDnVbsQwOmenFWPm9E0C6OOMhPLb8:YRgkFEnVbjtsQwEFd9E0C6OOMtP8

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:7000

Mutex

oQwuZGfaNGCXJHKg

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Nezur DB v2.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

