Overview

overview

10

Static

static

10

Microsoft ...on.exe

windows7-x64

10

Microsoft ...on.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Microsoft Network Realtime inspection.exe

  • Size

    79KB

  • MD5

    5c888eddae30076bd7aaa2e5d5fea097

  • SHA1

    6a5b5c290d24bcd984a7083f934dbf35f56ec888

  • SHA256

    267d1802344caba41d174d5e9750695c446724e6c480bee1b79100a64931e788

  • SHA512

    4a17d517772d0efff6fea2074af232c90f47b370fa9269d36970bec3a8204e1e3df8f273f21287f712d26117a803b428ffd3683581b85498515e1d908c5b3dd1

  • SSDEEP

    1536:y8p4oJOu7J3c+Fj4zo+ib+8qn36NOuCYh0uxqau:y5oJLJM5zJib+sOeh0uVu

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

listing-trackbacks.gl.at.ply.gg:15337

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Microsoft Network Realtime inspection.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections