Overview

overview

10

Static

static

10

Empyrean R...ol.exe

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Empyrean Removal Tool.exe

  • Size

    44KB

  • MD5

    72dc44b2e7ef74718c563d397b1b1fbf

  • SHA1

    6874f37359d554346dc024cffc4a3a68334494b2

  • SHA256

    fd8fb92324e4f5bb8665514b0c19f8bd4354ef091d8f2d088b528f1d21405066

  • SHA512

    a5a84f6ea2cdbec151de9d49b67aa07cfd2d23e9035b2863fadc59c58012f6fb9c1d69106e981bde9d49f9d28b4946c3ada80a3fcd03a7a6e353b90105c9304e

  • SSDEEP

    768:sMDF7zLXoeUHyLpeuddqLi9Fk9wO0/O/hY/22gds4S1EAd8IIf:HF73XoeUS9Hd9Fk9wv/O/+u2gdS1EAdo

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

75.24.104.157:4782

Mutex

LalTxzCzI20sKikz

Attributes
  • Install_directory

    %Public%

  • install_file

    $77-Update.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Empyrean Removal Tool.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections