General

  • Target

    totallynotarat.exe

  • Size

    39KB

  • MD5

    d93e687611e4650cf0ca45c3bf27d4f4

  • SHA1

    5b3d0f6392972a0656e899f0bd6db6ef4ea44c5b

  • SHA256

    067ded045ee054cc537cec64593c2dc95b7eb5a9f77991e4084ecaef76d44385

  • SHA512

    fbf3c3d2b534d857a4c061909947771dcc13b6d5ea76f81cce61d0b52db60ab4e31d4b88bd19a92260fffc1ed8fcd3df690fe9e31a0e4ec48d8ab7df58b45046

  • SSDEEP

    768:0Z5A172rL1OJfwcQ/pvVk8xF5Pq9jT+F6SOMhR33H:04F2rhOxNOO4Fc9P+F6SOMDX

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:7000

Mutex

2k0wrRKHGBTqg4hV

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • totallynotarat.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

