General

  • Target

    WIN10_Library_Installer.exe

  • Size

    178KB

  • MD5

    fde58c9fda343b29056c0578ed8a59a8

  • SHA1

    6765e8cd0d11893ae8371bdbc4f9b20628afa36e

  • SHA256

    32c615b191822b11576b15f3daf778130130f9f5f41f910b1c340cffd440044a

  • SHA512

    47f746c3c2c7241fbee33f9b067872d30541bec389641efaf413762f538ae3e83eba62f937247e7552fab21a0692a203588e058137ba789d8304a4a6793e188c

  • SSDEEP

    3072:epR0EPmLTxC3EN/bMpk2NcwmefhOorhHzoBz65/M6If+3Js+3JFkKeTnt:enmLk36/bXsmOoxBt25

Score
10/10

Malware Config

Extracted

Family

xworm

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

  • pastebin_url

    https://pastebin.com/raw/Jt9Xgc6v

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • WIN10_Library_Installer.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

