General

  • Target

    V5.6.exe

  • Size

    45KB

  • MD5

    b6077312041f43426a929e469cef6179

  • SHA1

    11ede54ec88688eae9b261b347f748e2302d557a

  • SHA256

    bfd08897bfc711cde92c74bca448afce76861d4e7e04613c8981734246da3e42

  • SHA512

    647f74c6e3a00cd3dd9828ed6932102c1a79e72fc0b76987ea9d2eb3759ea7c8705414d22fc54fdde68f6f1be710c5363350a7781a32be638494604ce31a4ad4

  • SSDEEP

    768:0urlDweV3OOVbADM9W1v9NfgkBpuAuREcNclYlVvD4xeVhKfkDLbFEPa9pvXh6iK:0ADweQKADMkV9GkSAcRaelZrOY/FJ9NI

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

reference-elliott.gl.at.ply.gg:37420

Mutex

395qzx2wh3j8r0i0

Attributes
  • Install_directory

    %Userprofile%

  • install_file

    svchost.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • V5.6.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

