General

  • Target

    fb3aae6494b4bce755fb07651ede8f10N.exe

  • Size

    52KB

  • MD5

    fb3aae6494b4bce755fb07651ede8f10

  • SHA1

    2204a7047f448924bdd1a8727a4936350cd89d0f

  • SHA256

    a2b590ebb5f205313959a98db17f0bb0e8812eff7756c565ea52914e5c04dde0

  • SHA512

    087c496c748236d67a51021d5e99d3849f17f741cd76e352a75eba0cdd14f404387ad39817130cf9882e05ca1a3b234e6c4b79802834dc4dc590abf21054b854

  • SSDEEP

    768:SGIl/PFIgDeWNuPp4NSOUV22VTjhFJ9cLaO9hGMDFWs:Ze/ygqp4m9ttFJ9c+O9/5

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

duckddnnsss.duckdns.org:18080

Mutex

xBIdEI7dn6K3oKEy

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fb3aae6494b4bce755fb07651ede8f10N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

