General

  • Target

    9e2d433dcccec4f30cb8a7a326b81cb97c1710c26f3da150b5b11197b5030a12

  • Size

    43KB

  • MD5

    61f45f65c8c59545a42522b402849312

  • SHA1

    ec598ce53ba1c35cafcb56e35de4ae428e937a2b

  • SHA256

    9e2d433dcccec4f30cb8a7a326b81cb97c1710c26f3da150b5b11197b5030a12

  • SHA512

    12a4f628840619fa7479e38db9ca4f29610c36e732cd4a28c0872d15a7f4749674ddf709aa2122e8e059cb033e6e48be0bd21e8a104dbd0dfea6acb9e403806d

  • SSDEEP

    768:EkQyaQBISPHjyKu0/Vsb4zxFtenbZDzp+Dgzb64qLYCJsd9Ah0Plcg4Kbu:E6aQBFPHjyKu0/Vc4V+nbPlzb64DV9Ar

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

127.0.0.1:7000

Attributes
  • install_file

    USB.exe

  • telegram

    https://api.telegram.org/bot6968692812:AAGq0eGpZvY4Svsumwvz3Iu3PDeiU3zSxaA/sendMessage?chat_id=6346214123

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 9e2d433dcccec4f30cb8a7a326b81cb97c1710c26f3da150b5b11197b5030a12
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
