General

  • Target

    bdbfbb19cd035e7d2e6e4f6e49d6b594dd9af02586c9d7f00cf7cfca61d0db8a

  • Size

    311KB

  • MD5

    639f7c306746c7a508f6fda1057f7b97

  • SHA1

    66fff73fb51084587a5e9304f98e4a9191d82ac1

  • SHA256

    bdbfbb19cd035e7d2e6e4f6e49d6b594dd9af02586c9d7f00cf7cfca61d0db8a

  • SHA512

    b30177289a61483627cf307372c4f609705436c6c8231b4349d45d21fbe01a8cba99c76c79e772b4032cc5a2242279c9dbec6b0230690834bb0b8e84d340c734

  • SSDEEP

    6144:JjxmnsVRtBPWD37s+/mr+jL80OVGs2Yw6RoK8IbCBcA0RRvRA81rijK40G:JdmsBPWrY+/JPlOVn2SRNzJO2rU0G

Score
10/10

Malware Config

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • bdbfbb19cd035e7d2e6e4f6e49d6b594dd9af02586c9d7f00cf7cfca61d0db8a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

