Overview

overview

10

Static

static

10

18f85d9c15...0N.exe

windows7-x64

10

18f85d9c15...0N.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    18f85d9c15122860c5afb01819c488c0N.exe

  • Size

    76KB

  • MD5

    18f85d9c15122860c5afb01819c488c0

  • SHA1

    71889d83a920a349e03ac569e84e0c4f37e8428f

  • SHA256

    2973a669091e5a2da5f858c518d386d1ce8becf19ef97f3bad3e39b0bc44897e

  • SHA512

    23d5e66eaf55fb6f9b85b27256145caa44b357bc32289b6ea829a21d4a1a10fa0955a47c45ac7623d82c2cf59f79a0bd166ba7d7fc9a7f76e323f3824fc6e258

  • SSDEEP

    1536:kxCIyqY0tOCNzaAyZx28dIchZbxESZuJesVd6LUDOz25POHhQh1AW:kEqnOCN318dBhZbxeYUDOC5PmhQDAW

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

cars-controllers.gl.at.ply.gg:1337

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

  • telegram

    https://api.telegram.org/bot6740565952:AAHWmEd26lmD-VLOO8NIOb8DwV9u2r-zN_8/sendMessage?chat_id=7351916265

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 18f85d9c15122860c5afb01819c488c0N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections