General

  • Target

    jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj.exe

  • Size

    37KB

  • MD5

    144fc4bdde32d7546dcea18ceeefd2c3

  • SHA1

    eba4aae3cd8e322c2ac84dd6eb99fc22e951d405

  • SHA256

    d7ef1aaa169efed0097f39515f4a059119b675804ffe935b3a459f00be81e551

  • SHA512

    1b1576be9c9cf18777d6cf3177dde91133665a4352a0f70c269ca1da3d69c32e1ab7b9bc65593e9858c741479ab11e294c5cbc10ff1ba07ac15d001a65f00370

  • SSDEEP

    768:FUWum8gIroole0hvFk9iJz6OO/htn/mEy:FUWIHrPoiFk9gz6OO/TeEy

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

88.0.183.177:1603

88.0.172.65:1603

Mutex

wNd43tOJTNVsCQvO

Attributes
  • Install_directory

    %Public%

  • install_file

    Runtime Broker.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

