General

  • Target

    try.exe

  • Size

    35KB

  • MD5

    154749547182124a57204e0252cb721e

  • SHA1

    670255d6a0c52f872ae1bc518fa76102531506d3

  • SHA256

    d62b9b85b2880b400f82137471bd4ed9c8a1c6c8bda414729cc44a411b953d00

  • SHA512

    90e6120ed6899813e72bca920bd2e60a8f4fbc5e3a5818762a7973a1bb2433f7a310bda9e8f3a772d1b02d31448eeacfd5fb955701ed69fdc1bdc78d7b360abc

  • SSDEEP

    768:IoHv9ouQGVdhiQfCYzd4mVFy+9FSOjh2OEp:IoHloqdhVa6d48Ff9FSOjy

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

modern-educators.gl.at.ply.gg:2028

Mutex

XzwjnIzx4P4Lwd8b

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • try.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

