General

  • Target

    XWormLoader V5.2.exe

  • Size

    77KB

  • MD5

    2208654b319134567ec4932ca3c00033

  • SHA1

    5d251d82658911e005200fddac6b9d96497b9940

  • SHA256

    cd8389b8f935f99f90b6ca429ae33f732b27f400526f5bd9a956db783d9d1c99

  • SHA512

    9011ad8682120cb55410fa06ae72640f338a283a50c8a69b866ea06f3b566eb191a6e766f42b709c3102d80a23a061aca8dddd7d496eedd8c3e4f94c972c484e

  • SSDEEP

    1536:+q3BJ9l8WCG6st3UT29DMmyydRKiOCXbORKlxT6oKtEgOrhwrfE4:3HdH64ET29DE+KBAbORKougOr644

Score
10/10

Malware Config

Extracted

Family

xworm

C2

promptylol-31420.portmap.io:31420

Attributes

  • Install_directory

    %LocalAppData%

  • install_file

    RuntimeBroker.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XWormLoader V5.2.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744