General

  • Target

    f863a2feea07ecd8b703384230cb4565383bb57c2101b5a3c0a30c46969c23f2

  • Size

    300KB

  • MD5

    2dbf7474f052da878bd00e667f414115

  • SHA1

    24e86e413aa6b1c4856dd5a88356029958b8894e

  • SHA256

    f863a2feea07ecd8b703384230cb4565383bb57c2101b5a3c0a30c46969c23f2

  • SHA512

    513397a99e56adf128b2307da6c7c33cbd064fd786dd7271f53cca90751b6db24d8cecfc93f75c0dec50b8f56119a537c4d052456b1ccbe1ed30e16d0d6ccdfc

  • SSDEEP

    6144:z539VRV1lZ39dXF0vNrPWqyyo/GwUtm5r0HfrBqI:jIpPWJr/GwUtmr0HfrBqI

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

five-sequences.gl.at.ply.gg:47561

Mutex

5YNWuWrlvnkw6fdc

Attributes
  • Install_directory

    %Userprofile%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f863a2feea07ecd8b703384230cb4565383bb57c2101b5a3c0a30c46969c23f2
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

