General

  • Target

    6e9a2ac438be69ee9b31ac9d10217209.bin

  • Size

    62KB

  • MD5

    d9ecece7d6f70c2a10ae39104e2cb449

  • SHA1

    5c6f36a177d79fba85add48bbc24833f50fd2eaf

  • SHA256

    000da9d3f6dd5408cedaabd10377359d685fde4bf1163273f2f62475d86d2e1e

  • SHA512

    47486c079d85a410cc0c64c23a09669a3151f82c7ea8c5b3036e70c0ff7af8e7810d53342b40d73f1adf3c0e5641cfeb92a97613e2ba58aaecd96badc3018e79

  • SSDEEP

    1536:ZXq4+v1m0G37gAd0uI9mH3AvWyRB1+QhrWKpPSu/2Y+l:k4o1m0Grg9us63ZyRBcQEKMueYw

Score
10/10

Malware Config

Extracted

Family

xworm

C2

Mukhbit-38162.portmap.host:38162

Attributes
  • Install_directory

    %AppData%

  • install_file

    system.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6e9a2ac438be69ee9b31ac9d10217209.bin
    .zip

    Password: infected

  • 1275f4387cfdc226a89156dab68429eaf3bc8dc0d7236c747468bd2fc2c45503.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

