General

  • Target

    script.exe

  • Size

    40KB

  • MD5

    9344cdf5313d8e73d703e6b0e5ebe929

  • SHA1

    9197c6a6ce6e7de600df560b54e2c50198f97766

  • SHA256

    b828b0b437807f2c2563ebc445efe787bce5432f842d570056ba1967bf77e398

  • SHA512

    23c373b003c0e3398d958e6a4be608719ce289ed91604827fbce492c1ba1af06d859c3fd30d70d81fbea058c01a44d8e19988558be4fe97c178a8e243299dd70

  • SSDEEP

    768:lOPrVX9pdymSAOCuwtF5Pf955LOMhF3/l:lUVNpkVAOCuIFB955LOMnt

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

disclaimer-transmit.gl.at.ply.gg:47055

Mutex

sRTEIjPBnVPlylHz

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    script.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • script.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

