General

  • Target

    61c7dc2acfea864ad45b2a4fa8b1bb5c.bin

  • Size

    16KB

  • MD5

    d20d2d8dcc002ee48a12231da49d9d67

  • SHA1

    e50bfbbd1c655f870e4ba784f17aa2a236f9f297

  • SHA256

    f7a3c14a228e14911462c2917fe5e130ec6ca5a63478b33669af040198780d1e

  • SHA512

    4f0f2a89b932b4b1792a1fabd12e2d7fc8d28bef3692dcae7d4204aae78ae644b498ba26e76473e56c84f1a38476692739659ffcdc8457a823003eba0b0dec6c

  • SSDEEP

    384:ZfNAP5Aa61soLNqPt5r+3aVL5rMoNuBNKc9eGAbvl2s6:FA5A11VNqOq9FMcuBAcgGcvl2d

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

wormplace.duckdns.org:7771

Mutex

42ZSJUh5fcssCBli

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 61c7dc2acfea864ad45b2a4fa8b1bb5c.bin
    .zip

    Password: infected

  • 326f2caac45fb3fd8aeb65f3c70105bce862022c2e30de367ebf9fbb77d1abce.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

