Overview

overview

10

Static

static

10

e765597400...0N.exe

windows7-x64

10

e765597400...0N.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    e7655974009622fc88429990ae961410N.exe

  • Size

    72KB

  • MD5

    e7655974009622fc88429990ae961410

  • SHA1

    ed37957a220fd0710a38e4602e14daba26e46218

  • SHA256

    3f84418aa7a3179ef432469bbd30b5e8006f7975a5da2172ff07891d0d758c82

  • SHA512

    3b06c56b3e4f381a0c3bce8a196662f548d7ff0740f6a433c6b5f5d5be35e7b9922fbfda879d51910b5f5a7738c5b972524226e0b85a92791aca35c464267133

  • SSDEEP

    1536:et5/ISTn5i15L8/3qA581db3P65pH6lfZO7TXloJPIPTyn:etzTn5i1UTQb30sRO/XsPLn

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

rated-cooling.gl.at.ply.gg:4593

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    taskhost.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • e7655974009622fc88429990ae961410N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections