General

  • Target

    fc975db05fc20acc0c6bfefc517f9c54487857c0332877036408035a95677a68.exe

  • Size

    77KB

  • MD5

    0023d5028225136e000201652d675318

  • SHA1

    2c0c6c975e263d88225916db67f4dff50c577380

  • SHA256

    fc975db05fc20acc0c6bfefc517f9c54487857c0332877036408035a95677a68

  • SHA512

    c842faccb9de56d38de1112799fb9bbead47fdbeaf70f1d0159dd0a6516b848040d33793163a1fbb6212fff8ad17925c67720c900c36b218cdd349a2dd08087f

  • SSDEEP

    1536:E9q6guW7EpP7d0nD4oIPzbiU3XmGHU6iTBO06bPipPa:E9qEW80nD4biU3LyO06bixa

Score

10/10

Malware Config

Extracted

  • Family

    xworm

  • C2

    heart-debian.gl.at.ply.gg:47573

Attributes

  • Install_directory

    %AppData%

  • install_file

    system32.exe

  • telegram

    https://api.telegram.org/bot7458595634:AAEEmxZd7rBIYX3YZTRCO1t9uU7_yLyhcaw/sendMessage?chat_id=1473354298

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fc975db05fc20acc0c6bfefc517f9c54487857c0332877036408035a95677a68.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
