General

  • Target

    6c9680f07739805cee08025869bbab9977e6441792c71f7ead438d47563509cd

  • Size

    2.4MB

  • MD5

    107bcfb1a723cf2c206380e36d12a34f

  • SHA1

    70897b53554de6b97d7a2d69fbea113e145bd957

  • SHA256

    6c9680f07739805cee08025869bbab9977e6441792c71f7ead438d47563509cd

  • SHA512

    ae914b0a0abeafaf60f2b526563596cc7f7127e0c04b0364cb1366e3c3b58137b4def0d773ae4a34ce3303f97a31fae3b864d4dfa82dc7c3b8f8a2769847a310

  • SSDEEP

    12288:kGowuaPjR5Ck3P64YitwUtoYy1f5pjsvWpCQljWF5fP015hLUC:qol5p/wUtly1ff4Hcj45n0vNv

Score
10/10

Malware Config

Extracted

Family

xworm

C2

192.168.184.141:7000

Attributes
  • Install_directory

    %AppData%

  • install_file

    Fart.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6c9680f07739805cee08025869bbab9977e6441792c71f7ead438d47563509cd
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

