General

  • Target

    8dc0ce77162bd62f1c4aa4108d2f82a3ab64e99b23b6d369a9f8e884b1e7b8c4

  • Size

    168KB

  • MD5

    b3aa8653079137d67f1998dbafeca57b

  • SHA1

    c386202ac9c537ec72cd66049d8d97be6c2351f9

  • SHA256

    8dc0ce77162bd62f1c4aa4108d2f82a3ab64e99b23b6d369a9f8e884b1e7b8c4

  • SHA512

    13229c5bc75de59acc05033acb4eaa4672d52cef47d31f0a3c03546b2cc46b2efe4f2e72eca85a804063a0d5a26610dd990f17c1b95f1df04b096931251fa58b

  • SSDEEP

    3072:uVuD8ZKNx6EpT+flldbIsbqOipDQQkEbrjCTo:kEPT0lldbLIDkui

Score
10/10

Malware Config

Extracted

Family

xworm

C2

dentiste.ddns.net:7010

Attributes

  • Install_directory

    %AppData%

  • install_file

    USB.exe

  • telegram

    https://api.telegram.org/bot5720516014:AAF4KOAv3GXHFU0RS3g4HPsucKDwQf01__A

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8dc0ce77162bd62f1c4aa4108d2f82a3ab64e99b23b6d369a9f8e884b1e7b8c4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
