Overview

overview

10

Static

static

10

479e98ca81...eb.exe

windows7-x64

10

479e98ca81...eb.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    479e98ca81f78a5786e85f5cb5dcd684e0678a015b6bc4c939681dbf2f90b3eb

  • Size

    38KB

  • MD5

    16c6109c9e18892f382ffc99131fd30a

  • SHA1

    fc84dd409b2311cda4d4f36d61e1c8030ddfcb14

  • SHA256

    479e98ca81f78a5786e85f5cb5dcd684e0678a015b6bc4c939681dbf2f90b3eb

  • SHA512

    f33faf19dfe8f97c7c802ef160645bcb3dc840dd72e33e09a4d923ba2c21f42c20c51f62caf33c65013a6b7eec7bb071ab8bfddadb8db0ecd6f394e8185cfed1

  • SSDEEP

    768:hvXj1q8QU+XrmXTei0uuLMVfFWPa9P66UOwhfCi8H:ljMzUewr0uuuFL9P66UOwNCL

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

18.ip.gl.ply.gg:64551

Mutex

Deb90vFci7nsre5Q

Attributes
  • Install_directory

    %Public%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 479e98ca81f78a5786e85f5cb5dcd684e0678a015b6bc4c939681dbf2f90b3eb
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections