General

  • Target

    29a8d5d9aea3fcad6793d92831713470N.exe

  • Size

    36KB

  • MD5

    29a8d5d9aea3fcad6793d92831713470

  • SHA1

    ef382f04bc0b4a67bed80373b908f0fcd462ad6b

  • SHA256

    dd022fbbc688f34ad8dc4afdf127908263941c833d5ebe77a97fe2d5b618e9c6

  • SHA512

    8051441211f39120f376b17e69bb74cc3d52d9e5c006a0e7838fcc9c5cbe8a3bd7dabb594ada9fb2e50b2e26394ae6c1d8de1ffa3d8a64d952aff6216243ca93

  • SSDEEP

    768:PL13A5Uno9RfHWa2B71eo8icH+1WbFb9YHOMhsQLvX:DxA5Uno9JHWXZeNicH+1SFb9YHOMuiX

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:7000

Mutex

He5JbA0RsKYc9qCn

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 29a8d5d9aea3fcad6793d92831713470N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

