General

  • Target

    Roblox.soft.exe

  • Size

    208KB

  • MD5

    8836cfa5b42391f7f726111f95eb1286

  • SHA1

    6ae38fefc80d36d314edc4f21a04659c3d0416f9

  • SHA256

    9c71d9c7194e47cba06aa8e3fd6d8fc10cf4199bf5a93967ddf7d1cac345d9b0

  • SHA512

    4e8570e0b2cb363f1fa820b66c7da38b9361770d447dbef88018cb1666cdd768c92d838149d0c829e1becec4a2d2d1ccd93e813c88aeb56c513982df59b28854

  • SSDEEP

    3072:HsBmjoFb9LmOuq8SKfbzxcwg7es6/Vsb8VKTup49oJMfF/H9N3Ky9NzLnJ:HYb9BUhcX7elbKTuq9bfF/H9d9n

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:3782

21.ip.gl.ply.gg:3782

Mutex

ZeU3qSaRXnLlIWu0

Attributes
  • Install_directory

    %Userprofile%

  • install_file

    system.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Roblox.soft.exe
    .exe windows:4 windows x86 arch:x86

    Password: DarkHost2

    f34d5f2d4577ed6d9ceec516c1f5a744

