Overview

overview

10

Static

static

10

1Celestial.exe

windows7-x64

10

1Celestial.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1Celestial.exe

  • Size

    162KB

  • MD5

    d726f0f603538577a7e12448419fed1a

  • SHA1

    1ea8047f9e825c9dd648a12c98689e1c6ad11c70

  • SHA256

    e4d2faf2aa895163625ea12416ce945b256f0e13b8327152d6eb80f3ee9fc332

  • SHA512

    a9643b891d7a092799ee032c032daa0e1303f639a1893fe1ea7e2830cbae12dbb0d754ebe7bbedcb2396f6bfed5539a932c8f8726b7ff13e217fc39f630b7dfd

  • SSDEEP

    3072:LylYpapTCzws4begJOTWQCBz65/M6If+3Js+3JFkKeTnB:Lylyws4bLXxBt25

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

engineering-thoroughly.gl.at.ply.gg:32901

20.ip.gl.ply.gg:32901
Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1Celestial.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections