xworm | 9db1f91cfadd63e2af86c931deafac223730551b196fb57abb097f2f13b83597

General

Target

9db1f91cfadd63e2af86c931deafac223730551b196fb57abb097f2f13b83597
Size

17KB
MD5

2c104d2e02b64d2e399c4f698e787c1f
SHA1

419ac879555d35ea95b684b13952541e9e8a6a09
SHA256

9db1f91cfadd63e2af86c931deafac223730551b196fb57abb097f2f13b83597
SHA512

ceb759f847df14ea994b3408688eb5480f4780cba0cf7cad19b0a7fee7cda0f2dad4bee33bec85bf749500d6301f4454361c222aa6f2d808c5de8943902c651b
SSDEEP

384:70wfJqVCxTeL1iKa8d9dskfnTgCGgL5ieA+C48cK3yeWhIp8rVgWu/0STXRweX5:gwf4ZLF39dnnMvgLXA+NKCeWyp2VwxTX

Score

10^/10

xworm

Family

xworm

C2

popular-influenced.gl.at.ply.gg:2439

Attributes

Detect Xworm Payload 1 IoCs

resource	yara_rule
static1/unpack001/9ce6d086aa5285d09275b6fc298c006aa632b19f9005eef8f9ae412009e620cb.exe	family_xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9ce6d086aa5285d09275b6fc298c006aa632b19f9005eef8f9ae412009e620cb.exe

9db1f91cfadd63e2af86c931deafac223730551b196fb57abb097f2f13b83597
.zip

Password: infected
9ce6d086aa5285d09275b6fc298c006aa632b19f9005eef8f9ae412009e620cb.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ