Overview

overview

10

Static

static

10

928330f885...70.exe

windows7-x64

10

928330f885...70.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    928330f885208481d2e3f738bde16a3b2d9144ac9307caed86f4e95720dcab70.exe

  • Size

    54KB

  • MD5

    6640aedcf559295e30a2e01bdd54e488

  • SHA1

    55f54fd988592238a1eb3b3e8b73ad891ff53050

  • SHA256

    928330f885208481d2e3f738bde16a3b2d9144ac9307caed86f4e95720dcab70

  • SHA512

    54e4502dfca56994e0a4ba9e65cc6296ab92b2d5b145bd961cfaefc48cdfcdf97e9e727797e7533e93f3ff1d6834b5303a39dab2c94a64bbf408ba63fc09c9e1

  • SSDEEP

    1536:tNCMVLvIbm8v8Y7TsjFG938ZO36n64fUX8I:tNCMVLvIbmBFG938ZO36nhcX8I

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

95.98.144.201:2404

Mutex

txQ2MAplfLfxnmW3

Attributes
  • Install_directory

    %AppData%

  • install_file

    e45iasd.exe

  • telegram

    https://api.telegram.org/bot6421494903:AAFuoWigwh2-oDYMZFAWqzFsbHJABidzW1Q

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 928330f885208481d2e3f738bde16a3b2d9144ac9307caed86f4e95720dcab70.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections