General

  • Target

    ad809276ed5a5d69c279cf4d532c08254f1ec64a88f42d2044e9a8f9b6ccd6f3

  • Size

    69KB

  • MD5

    c88e47d73f73a2d6196d0f2b8d837fc4

  • SHA1

    567f4685a09ba404471a0f4713c6852f5fa31151

  • SHA256

    ad809276ed5a5d69c279cf4d532c08254f1ec64a88f42d2044e9a8f9b6ccd6f3

  • SHA512

    4e04e985d54c439603a13dd5c44a8288f8c6ada8fb74313997ba9568010dd67ea9037158db0fe4dc9488dcf6e53b7324f0154891a161f9b5679b294b0594175f

  • SSDEEP

    1536:utwkeFWgR1pxqwyY1qPV7tQ7bQNNbb2uCY6k8OOw9ov61M:f5RcnPVZQ7bQNN23cOw9oIM

Score
10/10

Malware Config

Extracted

Family

xworm

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

  • pastebin_url

    https://pastebin.com/raw/AtygDcxd

Signatures

  • Detect Xworm Payload 1 IoCs
  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ad809276ed5a5d69c279cf4d532c08254f1ec64a88f42d2044e9a8f9b6ccd6f3
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

