General

  • Target

    5e2c26c0eb5780f72a71e6cc301be33aa77f256bedcc36c09fe1a94631e253c8

  • Size

    46KB

  • MD5

    107b88a5482d6b3d2ad1d31925634ebc

  • SHA1

    859d504468382d78d37536c55119d7a8b6a4233e

  • SHA256

    5e2c26c0eb5780f72a71e6cc301be33aa77f256bedcc36c09fe1a94631e253c8

  • SHA512

    86761bcfccae21c57986a57c061f324105cc92e33c1a53cb78f886ae3ff235bf0fc2da117a8e4b7c9d5b14bc3ac49ec09bcb6315db8db5e8420183f692b9375c

  • SSDEEP

    768:08i3sGPA22e+OgepWGhDylCBTw8A6Naqww9bWkxtrlVG:0HgOBy7Lw9Ck/jG

Score
10/10

Malware Config

Extracted

Family

xworm

Mutex

RzTN4Iy09ta2cJpv

Attributes
  • Install_directory

    %key%

  • install_file

    USB.exe

  • pastebin_url

    https://pastebin.com/raw/KWL0Eq3r

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Detects executables (downlaoders) containing URLs to raw contents of a paste 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5e2c26c0eb5780f72a71e6cc301be33aa77f256bedcc36c09fe1a94631e253c8
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

