General

  • Target

    fasda.exe

  • Size

    37KB

  • MD5

    c5110851f0eb7d8cbff3c97b25126964

  • SHA1

    2b51395487fab8081f3cdbd94434755f99eb3975

  • SHA256

    740ffed77cc8b29a1ac56e1b0e4a6d2a4c5dbbe6e3c8da4f522f23e0feaf77a8

  • SHA512

    9c0d5f44770698d0d12f8ec99b753359e0ead01455cda6549d86424764783e2357bf9461607d40605f0df434bc31ce505c403eb1ea62fbe1cc44d47bf1bec67c

  • SSDEEP

    768:Y1ELhzl+f99WKNspwOmlnFWPm9M16OOMh0LPa:Yy9zl+fiaspw/Fd9M16OOMKDa

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:17341

press-higher.gl.at.ply.gg:17341

Mutex

tj2AyKMS25ZpZX1u

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fasda.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

