General

  • Target

    04d2045292af6a1891922538eab357d01ad76de5e0ad22e01842b3588c328b89.exe

  • Size

    38KB

  • MD5

    7e30a1a92f86e8e0a25154b1521d0588

  • SHA1

    44eb62f211c9d6a60184256080fc7b7cc3dde692

  • SHA256

    04d2045292af6a1891922538eab357d01ad76de5e0ad22e01842b3588c328b89

  • SHA512

    8fc5e9d163cc09251ae7d3d63532935fb415bb65fa577675a25cc40fdf876aded7adfcbc76a3951ca2d973ac5891477fc0c318ebc2b1d838e0975a1b9b21830d

  • SSDEEP

    768:buxxo5SsT2XI7W4AsPKAxkpJFyFWP09x/OMhWif:qjMdT2v4BPK6kpJIFJ9x/OMI+

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

45.74.8.236:5355

Mutex

cEyzqXDyec8SgvAp

Attributes
  • install_file

    USB.exe

  • telegram

    https://api.telegram.org/bot6803832694:AAGUd1u7orDCJRg0J4P9lSZtOSdC_d5u7bE/sendMessage?chat_id=1023602234

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 04d2045292af6a1891922538eab357d01ad76de5e0ad22e01842b3588c328b89.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

