General

  • Target

    Darkside v2.0.rar

  • Size

    20KB

  • MD5

    cb37308c9861a545eff1e0550054c2ce

  • SHA1

    82e246ae60c93f3f70940e2abb2a43d8d36c8776

  • SHA256

    dcc87db3640c647fcc727d7acdce13e33e62420dd1422732f214dbb7db034119

  • SHA512

    86273d575cc6d69943c46a351efbd51e28dcac1c24c4a2afee37debe0c38896cea77918d2c7c94e587592e0e441c35daef392a9468d30035f42d1107be13d776

  • SSDEEP

    384:YgIO5Hm8y3ppMiFMKqeMev0F9d4Jx9UyyIcQdJvb5M1J7w0hKLh29qso:FpG8ySKbM1FUxXyIcKVW37w0hncn

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

2.tcp.eu.ngrok.io:13068

Mutex

GmM5rY93OBR0z755

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Darkside v2.0.rar
    .rar
  • darkside v2 by venoxd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

