General

  • Target

    0db294ba72c23d7eabc38b3998cfbd90b9eea1c22a4e7d8b8e9f5e1c479a369d.exe

  • Size

    30KB

  • MD5

    908aef51a0d9e006975d8fc7d77bd808

  • SHA1

    0b75c392decc8d9f8f0e8e0e154827630706971b

  • SHA256

    0db294ba72c23d7eabc38b3998cfbd90b9eea1c22a4e7d8b8e9f5e1c479a369d

  • SHA512

    a0ded639cd2c4ca2b7bcf1e2bd941adccfc8db594d3a4b9038b61d5662772639f205fc4c1d8e194f55964c5ffb49c659a36eb90466b9370223b17ae411610b38

  • SSDEEP

    384:y7wTA+5OfPgEBQqWvfcQLZe3s80hYACSqReAw2uRugtFuBLTIOZw/WVnvn9IkVu8:8rgECfLH8MYAoReJ2uBFE9RnOqhobg

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

daddy.linkpc.net:7000

Mutex

n1tAo1XAMkfhCZS4

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0db294ba72c23d7eabc38b3998cfbd90b9eea1c22a4e7d8b8e9f5e1c479a369d.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

