General

  • Target

    dasdad.exe

  • Size

    68KB

  • MD5

    ea59f0e302060e68946c5db96236d36b

  • SHA1

    86b779374f0f4c2e75512b856579ec91f5206bb2

  • SHA256

    1a42a78052ad1697a9b59496705cbbfc0f5e13c637e4c2631f3ec72e3ec5f62e

  • SHA512

    3158caf80e603802edac1c03fe222539f3f0e84d568917028cd5573104baa94f772b4e09d30d5f4129ce16b306f1b54c45ea662862ee18c8c66e5416b54e11c5

  • SSDEEP

    1536:vKSi5rgh+uhdiUR30J85fbDrBzbH67PObMDps:RUrgh1oM3YefbDrQObMls

Score
10/10

Malware Config

Extracted

Family

xworm

C2

https://pastebin.com/raw/mfW9zYDR:123456789

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

  • pastebin_url

    https://pastebin.com/raw/mfW9zYDR

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • dasdad.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

