General

  • Target

    481b70764a22fe3173d52f555d23565923fd283cb60acc89ab133029ec8ee053.exe

  • Size

    324KB

  • MD5

    6e748d749d93c98e447729e7921825a6

  • SHA1

    3d10a69e0a6f53786fea040cbc15a3568c0988bc

  • SHA256

    481b70764a22fe3173d52f555d23565923fd283cb60acc89ab133029ec8ee053

  • SHA512

    6840376f4a9069b427b86b118e4ecee3c5b075281b39b696aad4e4700f54c45a8eafca71c7f4c59c9df49cc6f484e7ba1af0975752784b06b29c3068c4786953

  • SSDEEP

    6144:ITaBCbhzTTz+GIIIIIIIhIIIIIIIIIIIIIIIU:IrTTU

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:7000

178.126.204.12:7000

Attributes
  • Install_directory

    %Public%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 481b70764a22fe3173d52f555d23565923fd283cb60acc89ab133029ec8ee053.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

