General

  • Target

    bda85a2a335333b47cb84516b49f90ff655ab1b1c430a6c45a5f49666d3bc23c

  • Size

    37KB

  • MD5

    07d132bf3b42a03e490fb8d514774d75

  • SHA1

    daebb7728160b1613b8cd6eea90d3ea498ce51df

  • SHA256

    bda85a2a335333b47cb84516b49f90ff655ab1b1c430a6c45a5f49666d3bc23c

  • SHA512

    67c31e7f887e35d22169046c69c4a4be0a6c66e3f6145330807c2df716ca0e95a1c096d27f3923d77cde2695e338e4c6d25670ff1c593028b0b1a70d857b132a

  • SSDEEP

    768:ZJ6HliC6TxJM6tQ6IlEPTFA9YmOMhub5:ZJTCC8PlE7FA9YmOMgt

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

sdfvskdjcnsdkcmowdijfei.con-ip.com:7000

Mutex

PMcFUOVLbQzXrsuF

Attributes
  • Install_directory

    %AppData%

  • install_file

    Temp.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • bda85a2a335333b47cb84516b49f90ff655ab1b1c430a6c45a5f49666d3bc23c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

