General

  • Target

    nig.exe

  • Size

    35KB

  • MD5

    7dbb60cbd452f31320f233c571dab951

  • SHA1

    5fdbea55fc85ba29e02c9a9fefd5eb2f77534e36

  • SHA256

    539ad87a0f1d3679890be76037f14cee388583b90e53d105f82fe6544ecb71bc

  • SHA512

    cbf13460113e992c0f80445dc802407fb11914e424ccd5fada76ff819572f1161eb7d12bff03a9b0e2254aff19628e0d5c870a08b7286222f626efd102adcfb8

  • SSDEEP

    768:foNe73HZFhiQfCYzZ4mVFy+9FjOjhMOEX:foQJFhVa6Z48Ff9FjOjm

Score
10/10

Malware Config

Extracted

  • Family

    xworm

  • Version

    5.0

  • C2

    modern-educators.gl.at.ply.gg:23695:23695

  • Mutex

    ErPtEmhafMzpI2ok

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • nig.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

