General

  • Target

    0c5ab1f790b2a2b48b6a5180f24576d8242458e54b2884fc0634d453764c34a5.exe

  • Size

    79KB

  • MD5

    528d6b4cc34f110ac6898a21de0af348

  • SHA1

    bf4cf929bd7343673d85d994b3a79a17ac99ac50

  • SHA256

    0c5ab1f790b2a2b48b6a5180f24576d8242458e54b2884fc0634d453764c34a5

  • SHA512

    c9db30c24582a762b126db721fbce719a990bb2b7724ccf4ba6f2ac4bf72eda8ea5d0b613f974e009324c1dc1daf0150fe5e1d09f3fac62e299ed2faf75c3278

  • SSDEEP

    1536:sQ2mtkdAdPTW5pvxFUWkC7LE6Br3v4biQTdz2O6WuO6iDsGsiUObvF:sQPOWdPoZxkWL74biQBXuOHDsGdDF

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

daddy.linkpc.net:7000

Attributes
  • Install_directory

    %Temp%

  • install_file

    USB.exe

  • telegram

    https://api.telegram.org/bot6659084379:AAHwYx_m5LGEEADvQo2F9Q3CbvJIfs0Hh7o/sendMessage?chat_id=5457636267

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0c5ab1f790b2a2b48b6a5180f24576d8242458e54b2884fc0634d453764c34a5.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

