General

  • Target

    Nursultan Crack.exe

  • Size

    75KB

  • MD5

    718d835e956bf992d74d031070750ccd

  • SHA1

    8a8be000621049c6d82ef19c5df1c87f8663284b

  • SHA256

    6718f70bc6681d4aa51f9a14dd7d13b889207f06d1f6022a50f9d99a5f03d86a

  • SHA512

    1e624cbcf80db295371c98b04a479e175dd97496cc0eca8b44d916f99951bb98f1890d073c9b6af7f0ba50f69dbf4122791baee41070d359db53294b33164b8d

  • SSDEEP

    1536:klFdpG4JVa2QjuN67/NUavqnWd+bKNX49Y5OO3HFmqiFpETW:klEQNy/NLiG+bKkTO3HFfiFpYW

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:1111

tel-form.gl.at.ply.gg:1111

Attributes
  • Install_directory

    %AppData%

  • install_file

    discord.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Nursultan Crack.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

