General

  • Target

    2024-04-29_255b17110a4029a8e622d464c0182ba4_hiddentear

  • Size

    150KB

  • MD5

    255b17110a4029a8e622d464c0182ba4

  • SHA1

    0eea390039e99c529cee03870e857bb8b33d8450

  • SHA256

    323dfb1fdc3aa6c67d178c0e12707b2b56dcd1e49e2e50f3cbf755b073cd9ffc

  • SHA512

    1c522fca797b975319b3180dfc6e1cf9b47db112273640141af2e4a6fd4af3136923cc3c77e308e97dbf89b1f697436c6c49966b542ab355e6328bad0551b226

  • SSDEEP

    3072:TdJ93BZb3SRLOdHqM+lmsolAIrRuw+mqv9j1MWLQ3:Bvb9+lDAA

Score
10/10

Malware Config

Extracted

  • Family

    xworm

  • Version

    3.1

  • C2

    172.94.32.98:7600

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-04-29_255b17110a4029a8e622d464c0182ba4_hiddentear
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

