General

  • Target

    setup.exe

  • Size

    228KB

  • MD5

    410537e758f26e8d2b47458003b7dd38

  • SHA1

    d5aafb05bfa0aa543a50cca113550abbfb9eba12

  • SHA256

    113efff1fdb9ca4fcd4cf9631caa0a8ee1cfbdcb6652cc81fd7bcf566faccb24

  • SHA512

    8a93520ff70ddd66cdcb3fa7fbd55cd357363a07c27788574d04db8d6055855606e865843862cd1a764dccd84ad868ca56254f27fdd1999c4987cbd2a3da6bcc

  • SSDEEP

    3072:BoWbm6XgMRO8T8SKfbzxcwg7es6/Vsb8VKTu549oJMfF/H9N3Ky9NzLnP:6Wb/UhcX7elbKTua9bfF/H9d9n

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:8848

6.tcp.eu.ngrok.io:13556:8848

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • setup.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

