General
Target: XWorm V5.3.exe
Size: 25.0MB
Sample: 240410-clklhabh25
MD5: c0b4c6349df031081dd6aee3f25a1c9b
SHA1: 82f164fdff783d2a02ae6db9e6d71d4c40a8acf7
SHA256: f13c9eb085bec9239557753ab617404e60a035422194550fb56c2df96bf00670
SHA512: 63a18a2d0d894946d32a97f2e2112509b0ad54b4d5e4c04123c1c278f35669a909588d0d3036a054d544eedc6aa3025b8edd1560950e45749ee9f2db2277f69b
SSDEEP: 393216:KU25uLx3D9Pp9HlzCDjXW4ReN1RwdtKqSPg5898ELJX88BBYUK5TzRMxwMMbNJNT:KsxP3F+30MPSP9FJXxKJoMbB
Behavioral task: behavioral1
Sample: XWorm V5.3.exe
Resource: win11-20240221-en
Malware Config
Targets
Target: XWorm V5.3.exe
Score: 7/10

Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

Suspicious use of NtSetInformationThreadHideFromDebugger