General

  • Target

    d860921a51deedf76facb3cad87fdd2cb09983e7ea62efb2f83dcaf0798bf1fd

  • Size

    19KB

  • MD5

    04b4cd216ee684d578233714db6f9524

  • SHA1

    fa405856dca95a1de7e2cfac84c02d1ad8a4e23a

  • SHA256

    d860921a51deedf76facb3cad87fdd2cb09983e7ea62efb2f83dcaf0798bf1fd

  • SHA512

    3661e5b09b36bf7ce3d0d8dba22fcac79ea35ffe05c7fb4abbc1d2c5b95c6e66a63b26027d3b33053e32af7e381b8f0cbe6e5fd22948b42939936a224fa7a461

  • SSDEEP

    384:hWXu3qui5U8M0XyTwBiAXIypHrXzP83RdhG7F/YqVlNSSTyfto5o26Nfz9ZuH/qT:QPvMOyTwSypHrXT8hdg1Y4bpGuv6NfxP

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

none-lender.gl.at.ply.gg:36612

Mutex

63qHltODHQUTsI6g

Attributes

  • Install_directory

    %AppData%

  • install_file

    svchost.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d860921a51deedf76facb3cad87fdd2cb09983e7ea62efb2f83dcaf0798bf1fd (.rar)
  • Data/Podni.txt
  • Data/bin/win/DOYGH.txt
  • Wave.exe (.exe, windows:4, windows x86, arch:x86)

    MD5: f34d5f2d4577ed6d9ceec516c1f5a744
