General

  • Target

    5fab9bc49399698369e80976fd10eab0N.exe

  • Size

    53KB

  • MD5

    5fab9bc49399698369e80976fd10eab0

  • SHA1

    bdd846cbd2f1f5596e5e9cd85fcc44e988c84e6b

  • SHA256

    aa469790bfe8bb59a7835cf2e7a1acd606ea8d2270b2e64450de20c0dda97bf3

  • SHA512

    8803f04d05f00cb95fbc37d57f742740467e1dd72c8296eef5c0c6e7c1884492f85fd303dc75f942f98271a541bdbdbc54812e4bc4e7dfd1d426d38bfc776566

  • SSDEEP

    768:bf9rZr53B3XNao4BWINTRjpgkbuJoytaNXvnOY6qmONhXLLrBdQGO:bfFBfFIWkbkoUatvnL6VONxjBdQGO

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:5555

Attributes
  • Install_directory

    %Temp%

  • install_file

    server.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5fab9bc49399698369e80976fd10eab0N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

