General

  • Target

    c169b1b8bef1394a5cfca580f302b3d2ebe5ec2e4b9ee0d1d4899959da9b3817

  • Size

    92KB

  • MD5

    4abb5a6ea4d1d45f501f9737a16d0bb6

  • SHA1

    1b6567ca5d955cd6bcb25ba922724c2ab0d84b15

  • SHA256

    c169b1b8bef1394a5cfca580f302b3d2ebe5ec2e4b9ee0d1d4899959da9b3817

  • SHA512

    368b27573fdd76daabe174d8cad1836eee7904ec88bd5e0bba2cdbb8c94271183617e4c19de4f2599c1d336c3f7f75aa03bc27a213eae891cfc7bc4755f76ef2

  • SSDEEP

    1536:4iTqTvhORERbiKuumnaFe92b6cOMMHl4Z+5ulKLrF/zQbvKqsVechmQ1X0LJdee7:40kTFe92xOMeXulKvt9q9cxkLb7

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

21.ip.gl.ply.gg:50642

Mutex

nMxe2IVyW9DmGPBf

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

  • aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • c169b1b8bef1394a5cfca580f302b3d2ebe5ec2e4b9ee0d1d4899959da9b3817
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
