General

  • Target

    Revert_Proxy2.exe

  • Size

    50KB

  • MD5

    8ed10249a741529f5ce9ebbcfa50b4ab

  • SHA1

    1135d5e4cd03ba57c681016c5c18bda35c7144fd

  • SHA256

    a9acd48968fdffc028988d29979a781cc707b96fd1483f7825a1014c89fe9e49

  • SHA512

    2700127217546eb248ce086857c1c0fdc6fda3db18576b65dcde7e208c5319c97b782b7459f9f88a67cd1eeea9844dd7083423f903b4c9f25fe108f072ff6409

  • SSDEEP

    1536:Wf05a/CTjS89IFc9Uw68OMA3dS1EAd8IIR:Wf05a/CTJ9IFc9UuOMmgEA6IIR

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

85.203.4.127:1474

Mutex

eBA1hJEKi2fpwXUX

Attributes

  • Install_directory

    %ProgramData%

  • install_file

    VLC_Media.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Revert_Proxy2.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
