Overview

overview

10

Static

static

10

hjghfggfghfgfhnt.exe

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    hjghfggfghfgfhnt.exe

  • Size

    86KB

  • MD5

    e8aab9a49c8f964ccee3d26f5e31cf40

  • SHA1

    bef1609695d579e20f19ddc32f4c05b87e0593be

  • SHA256

    4b99c9ec06743b0551c1f69464d884c9a350dd3efbe4a9e4c2f7f637ee4fd130

  • SHA512

    e165d1ebdfb85635907a84474fc64f3d4f6f9e1953522018de7c1a8876655a3c2e273e526b6f1ec49df337be5971d91870ba47ac574a6ee1fe6241273c3b1dc9

  • SSDEEP

    1536:rt3Jw1XYk6zvWK8m/bgiRBkL+QafT6F4mOduPSVKEl:rt3Jw9G4kbgWk6Qx4mOduPwl

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

0.tcp.eu.ngrok.io:38479

7.tcp.eu.ngrok.io:38479

europe-stainless.gl.at.ply.gg:38479
Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • hjghfggfghfgfhnt.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections