General

  • Target

    6c11fb9cd4f59482412311551ed893874bf0f97c90308d929f01629b4c6d9b51

  • Size

    78KB

  • MD5

    a196fd13aaab20f05444c5a5ab460248

  • SHA1

    5ab29ac172e05cf6c56cb91b05c237b2209bc5e8

  • SHA256

    6c11fb9cd4f59482412311551ed893874bf0f97c90308d929f01629b4c6d9b51

  • SHA512

    a77f45f108253cb8240da11e7675476a56e8964f52121575c2d599e86bf7547169de8819f8ec88c115ea0a028594f1c09edcfb19712bcbd051aaaec2e01054d8

  • SSDEEP

    1536:WKasmh8p9PgDd1dgCACRQ0BNbMyXti0DDNnXlo6xDTgOoQZ9pwivqWQ:asU8/PgD7V9NbMyZXlbEOFZ9pwmQ

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

jajaovh.duckdns.org:1605

Attributes
  • Install_directory

    %Temp%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6c11fb9cd4f59482412311551ed893874bf0f97c90308d929f01629b4c6d9b51
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

