Overview

overview

10

Static

static

10

Bullet-main/build.py

windows7-x64

3

Bullet-main/build.py

windows10-2004-x64

3

Bullet-main/main.py

windows7-x64

3

Bullet-main/main.py

windows10-2004-x64

3

Bullet-main/start.bat

windows7-x64

10

Bullet-main/start.bat

windows10-2004-x64

10

Bullet-mai...gen.py

windows7-x64

3

Bullet-mai...gen.py

windows10-2004-x64

3

Bullet-mai...dez.py

windows7-x64

3

Bullet-mai...dez.py

windows10-2004-x64

3

Bullet-mai...ter.py

windows7-x64

3

Bullet-mai...ter.py

windows10-2004-x64

3

Bullet-mai...yer.py

windows7-x64

5

Bullet-mai...yer.py

windows10-2004-x64

3

Bullet-mai...er.exe

windows7-x64

10

Bullet-mai...er.exe

windows10-2004-x64

10

Bullet-mai...kup.py

windows7-x64

3

Bullet-mai...kup.py

windows10-2004-x64

3

Bullet-mai...kup.py

windows7-x64

3

Bullet-mai...kup.py

windows10-2004-x64

3

Bullet-mai...sdm.py

windows7-x64

3

Bullet-mai...sdm.py

windows10-2004-x64

3

Bullet-mai...kup.py

windows7-x64

3

Bullet-mai...kup.py

windows10-2004-x64

3

Bullet-mai...ker.py

windows7-x64

3

Bullet-mai...ker.py

windows10-2004-x64

3

Bullet-mai...pam.py

windows7-x64

3

Bullet-mai...pam.py

windows10-2004-x64

3

Resubmissions

12/07/2024, 19:21

240712-x2me9awhnn 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Bullet-main.zip

  • Size

    66KB

  • MD5

    ff8ed9ebbf942ff4667b3979335f6ebf

  • SHA1

    62cc5951a4d1f1bee3f154fb1ba42d464b867512

  • SHA256

    ab4fd06868bb9afd2ffb601a4f6294333ea5b9377d08285a1ef616fe73064618

  • SHA512

    b34bec5f4a9814ca69111bd7ed70a72ebf896f40e4a1f46ed9d2b33dbc9aa0cca90b4e0368a95d9f2fb39f1a20cbb86810bd9c05a0665b65fbc53353ecd96b4f

  • SSDEEP

    1536:sfCt5FrmDlkw1rJd+PMGicxQwGVshYBlMwXJOXEFqRhX:hqDlk+FG/xQwG+mM68XEQZ

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

bulletingmarrano-45523.portmap.host:45523

Attributes
  • Install_directory

    %AppData%

  • install_file

    RuntimeBroker.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Bullet-main.zip
    .zip
  • Bullet-main/README.md
  • Bullet-main/build.py
  • Bullet-main/main.py
  • Bullet-main/requirements.txt
  • Bullet-main/start.bat
  • Bullet-main/util/ccgen.py
  • Bullet-main/util/codez.py
  • Bullet-main/util/deleter.py
  • Bullet-main/util/destroyer.py
  • Bullet-main/util/installer.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Bullet-main/util/iplookup.py
  • Bullet-main/util/lookup.py
  • Bullet-main/util/massdm.py
  • Bullet-main/util/slookup.py
  • Bullet-main/util/snuker.py
  • Bullet-main/util/spam.py