General

  • Target

    sos.exe

  • Size

    81KB

  • MD5

    d65e2031c6a905cc954bd21452d82737

  • SHA1

    dab546b95fe4f21a69e54ed8fb2d5f693043e6bd

  • SHA256

    cbb506bc74a4e07ea7d9e73fa4ec481b09d5049a44e49aa4b2e2f2fc57c1e6b2

  • SHA512

    51109f39f6e63d1d856fb8704bc9b27b2d11e5ac0f093964e9608a313548f897c7fad62934150aaf276c4f3abf3539c6f3353aca651544982c9c1cc15e22d4b0

  • SSDEEP

    1536:iJ6rotC8broY6Y+jY4wVHzRc8mB+bUGO3PG0nrSBC60e7RON6tW/EitBMLWT:vO1oYRAY4wpqHB+bUbGWOXROwtWtBdT

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:25565

likely-necessity.gl.joinmc.link:25565

Attributes
  • Install_directory

    %Temp%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • sos.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

