General

  • Target

    CometImageLogger.exe

  • Size

    83KB

  • MD5

    65cf819ce93c6a1184acf2d8b74403be

  • SHA1

    ebd35688234c4e74d584b5071d87fe8914bd3367

  • SHA256

    db1fe013cbef44ce9d5f0d22068d08e48019701c20f5d3ac71b5f50b2fdd4930

  • SHA512

    06ed3de62c70ab26d322046746176afa9e8f25a87554ca4f9280f452afd5d6c112cacf28977965515f754ca9675984405b593a759f8b3fe85ddde90543183fe0

  • SSDEEP

    1536:S9yaGDcGqrT4P8K5zQkgboJT0//Q3J6Yd/lOxf2qOJp5bt:WxGckkRkgboUgtd/lOxfVO/5bt

Score
10/10

Malware Config

Extracted

  • Family

    xworm

  • C2

    127.0.0.1:7000
    192.168.29.241:7000
    192.168.56.1:7000

Attributes

  • Install_directory

    %Temp%

  • install_file

    CometImageLogger.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • CometImageLogger.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
