General

  • Target

    11994a972d719482a9d2531919cdded06c3c02b6868ba2377c9c1e77131c1539

  • Size

    83KB

  • MD5

    f5aa8a3413375dd14b02cfdce71b0f66

  • SHA1

    12cf8e695ebb69caea0f637aa1fbb5035bc307f1

  • SHA256

    11994a972d719482a9d2531919cdded06c3c02b6868ba2377c9c1e77131c1539

  • SHA512

    64b42f9e3c81289f957f11c5c65470e2279f8e11da79a53de7182e0a8fe070314403783015d233e65833ef287616c4f63f14fe1818be7b76f6a4df79930fad82

  • SSDEEP

    1536:fTn5y8NtBII4P3vdLTewrCjbFnk7/6tOV1A6B:bnDgzP3tcjbFkQObAe

Score
10/10

Malware Config

Extracted

Family

xworm

C2

internalontop.ddns.net:4782

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 11994a972d719482a9d2531919cdded06c3c02b6868ba2377c9c1e77131c1539
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

