xworm | Macsen 1x XWorm[.]exe

Resubmissions

25/06/2024, 22:32

240625-2f5f6azenn 10

25/06/2024, 22:28

240625-2dnevsxekg 10

Sharing

Copy URL

Twitter E-mail

General

Target

Macsen 1x XWorm.exe
Size

58KB
MD5

a16d3464166395f35cd9ac434fb262fb
SHA1

b56d99591216ccb7e1825f69a1922f6d7583e82a
SHA256

b2bbf97c436e954dd9956507f3f71523495d2618ef7edfe001d0bff8d36a12c0
SHA512

a784062ddf05f8247b3e73d88e931d4321580f76ac156ea9e7fa936d095ba7e6f7b3176ecfadda2d77989425898eb6073752192af804015ff1a7c153b415dc34
SSDEEP

1536:Qkk4SjJs9NSQSVD0lb1N/jRly+3mB0bhXn306rcObhd3:Qju9oil5S0bhnxcO9Z

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

length-implications.gl.at.ply.gg:44097

Attributes

install_file
USB.exe

Signatures

Detect Xworm Payload 1 IoCs

resource	yara_rule
sample	family_xworm

Xworm family
xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Macsen 1x XWorm.exe

Files

Macsen 1x XWorm.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 55KB - Virtual size: 55KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 55KB - Virtual size: 55KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B