General

  • Target

    d568cde0edf9d979a9bbb72befdea460_NeikiAnalytics.exe

  • Size

    242KB

  • MD5

    d568cde0edf9d979a9bbb72befdea460

  • SHA1

    1750611c70574ccce9b384655d7042f756266da6

  • SHA256

    21642747f13d619456f81e6d5f5821042c2a505fc679445275af65039f9d6f3c

  • SHA512

    c2efacc1651976332b9dc889bd3a11778e5c3d7d19d7280c9e1f68cec02f7f2f90bd1dd5ad9bb7e1aaee21d77df9b68c370ad8aa6d1b5d41c22e2bbcf128a5f2

  • SSDEEP

    3072:TUhExYyYt+5bPH1GUoYO/Ge8SKfbzxcwg7es6/Vsb8VKTu549oJMfF/H9N3Ky9NP:1/C+5bMAeUhcX7elbKTua9bfF/H9d9n

Score
10/10

Malware Config

Extracted

Family

xworm

C2

land-cio.gl.at.ply.gg:43893

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d568cde0edf9d979a9bbb72befdea460_NeikiAnalytics.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

