Overview

overview

10

Static

static

10

main.py.exe

windows7-x64

10

main.py.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    main.py.exe

  • Size

    44KB

  • MD5

    aacd79d677898cf5c143ee144aeacdba

  • SHA1

    1f6bbacd1373226e2ef53cca19754be6b8d73619

  • SHA256

    1179583d5b06240bdfbd61745abeb7706e4b75d2d42a561b71f39d8e6edb9e7e

  • SHA512

    f3a144841980da5fb5105731033c596d2e96e68a663af4790fa0009b58e479d6dcf4a7f69aff2a4ae56f4e28ee86b00cce3dac24739826ec980ab699a338e46a

  • SSDEEP

    768:/0yUbkms0JqxXAsvfgf3okU2jCp/J7X+F+R9pP46vOChQbWL6h:/0/bkt0JqhAmfU5U2jG/FOF09R46vOCK

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

coming-park.gl.at.ply.gg:2444

Mutex

RaGFrRd5XNdQrnY7

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • main.py.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections