General

  • Target

    проверка на читы.exe

  • Size

    77KB

  • MD5

    01bc479b1b988b0183c676fa6f2a6d69

  • SHA1

    e2837756d107c3514f4adcc25fa657e697f332eb

  • SHA256

    2a27bff36479de7fdf902b02266bbc4c92a1a2a627d2f9d5d1c7f6f53b385712

  • SHA512

    29bac859f7d4ea582d60b7c454684bf7999119666668b5d5721c5a717408d88ed3a19288ea2f4476b27fef0c8f6f6fafba0a4f9811445f5edf61e681a2aec05f

  • SSDEEP

    1536:kXofT0eL/qHndN0DZKp+bCIA0NYZ6u2IOEar5r8PzUt:ObuMwD8+bfOnOnr56M

Score
10/10

Malware Config

Extracted

Family

xworm

C2

19.ip.gl.ply.gg:2242

did-notices.gl.at.ply.gg:2242

autocl:123

Attributes
  • Install_directory

    %AppData%

  • install_file

    rege000.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • проверка на читы.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

