General

  • Target

    loader.exe

  • Size

    39KB

  • MD5

    de816c9a61a6a7dc3aaaf6bb4a951d0a

  • SHA1

    aab074feda312e521fee8b68e109ae1aeca04ded

  • SHA256

    0298ce15b89b28a28a55226b43f0c0fe0b5e7f73671a46f367a6ddc3c0c8750c

  • SHA512

    7073a6f81aa94e162a3786a7e5c1c5603287fad9f254bc69e4208350280e75614915875c99398f93d56e9cd13f8ce0affef1d3cf979a47d0103f2a3326c325a4

  • SSDEEP

    768:9NT0Woe2Nt0kyd2pwKuukUm2ufFWPt92GvW6dOMh+al6:9Npo7LZkewKuunsFe92Gu6dOMcN

Score

10/10

Malware Config

Extracted

  • Family

    xworm

  • Version

    5.0

  • C2

    does-moment.gl.at.ply.gg:6969

  • Mutex

    XZpFX79rel5ZnFOb

  • Attributes

    • Install_directory

      %Public%

    • install_file

      Runtime Broker.exe

  • aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • loader.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
