Overview

overview

10

Static

static

10

cd468e7b3b...85.exe

windows7-x64

10

cd468e7b3b...85.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    cd468e7b3b53ddb2ce6b9c43e9207185.exe

  • Size

    50KB

  • MD5

    cd468e7b3b53ddb2ce6b9c43e9207185

  • SHA1

    47d2d750030f8ee8e8f10af5ae20772cd6f088ea

  • SHA256

    347ca1208f90a9d5b07324cc923d4279885856d3f446468a95c018e6cba7786c

  • SHA512

    4756563ae050529d26c1ace186de325c6eff2c2d5fd336aba0c721025becaf3dc5c7a2c4b3981f66f57fe858a95d282d48e0b91e09d1f06283f6281295b7e366

  • SSDEEP

    1536:if05a/CTjK89SFc9U/dW68OMYpdS1EAd8II4:if05a/CTR9SFc9U/eOMYgEA6II4

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

89.213.177.171:7000

Mutex

hqK5nhK7bEoltZzv

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    VLC_Medai.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • cd468e7b3b53ddb2ce6b9c43e9207185.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections