General

  • Target

    6c4e0245224f2e28e1892d5236e9390dfd528b6eefa7639563fe58839ff6206d

  • Size

    71KB

  • MD5

    4d42ad2f087edf08284dc95272ce49aa

  • SHA1

    d5840246c31954ba0ab21a072d6e9c66b529ae36

  • SHA256

    6c4e0245224f2e28e1892d5236e9390dfd528b6eefa7639563fe58839ff6206d

  • SHA512

    efbd91c77f2692be61fb23004e168fab4ae184d4359013f5c31501bdf4d015679ca6a80079d0014c1b7bc99cfe4393881034da98af4e23ad185debeed7afb185

  • SSDEEP

    1536:VNbJ3EeuWKNYeSYdbmaYBRAa6O5OuFJJfbFXRO:VzlHKJSYdbmaSb6O51FLzzO

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:7474

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Detects Windows executables referencing non-Windows User-Agents (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6c4e0245224f2e28e1892d5236e9390dfd528b6eefa7639563fe58839ff6206d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

