Overview

overview

10

Static

static

10

78df5035ae...2f.exe

windows7-x64

10

78df5035ae...2f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    78df5035aed5e56ae97c5e3cc12e4d8bf2f6d34a914ecc964942ec6c4401242f

  • Size

    70KB

  • MD5

    0c104036dcc1502909cad08a33f52520

  • SHA1

    042e43f7c592a9ca8781381a79fed3f82d72ce2b

  • SHA256

    78df5035aed5e56ae97c5e3cc12e4d8bf2f6d34a914ecc964942ec6c4401242f

  • SHA512

    397f6802fbfa34687a2881a389c8254a00697bdf2fbbdae5669e4e6cca4220d3378be3f57ddd473fe24152cf2eb4804cf1852c41a310e83e9af9303426890d7d

  • SSDEEP

    1536:VmyEE1UCzfn9sOMNzwerAg9CbSy5Vkba33vOIyeL6vG1vvO+or2K:VmCUCzfwlr5kfkbavOIyemwvO+oaK

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

94.141.120.222:7000

Attributes
  • Install_directory

    %Temp%

  • install_file

    RtkAudUService64.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 78df5035aed5e56ae97c5e3cc12e4d8bf2f6d34a914ecc964942ec6c4401242f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections