XWorm-V5[.]2-main[.]zip

Resubmissions

02/09/2024, 10:29

240902-mje84sygrf 8

02/09/2024, 10:25

240902-mgakvaxhqq 3

Sharing

Copy URL Twitter E-mail

General

Target

XWorm-V5.2-main.zip
Size

752KB
MD5

ef8e1b2692edf97232c52060c4856dbd
SHA1

617b02ce33b5f315b3400e27a4b2f93bfc1cee11
SHA256

18b148a082f3a5ac3ad6eda4b80ac5d52fd21abbc582cc98fa571439f79f74f3
SHA512

45b35ceb19b01546f698a94910046be71e5cfbd3a05c6ec8eaecde429fc21b339ffb49c53f35d1c415279cc23720dd568b7deaa7164cdd58e3f3d05c146ee3d4
SSDEEP

12288:QY54QNTSfVqVV1lFeudgzTMmPhStGd5IG8Xo3nMuJsVqVV1lFeudgzTMmPhStGdb:Qo4gTSfVqVV1lgudeMkhX7kaMuuVqVV8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XWorm-V5.2-main/XWorm V5.2 SRC/IconLib.dll

Files

XWorm-V5.2-main.zip
.zip
XWorm-V5.2-main/.github/FUNDING.yml
XWorm-V5.2-main/.github/workflows/dotnet-desktop.yml
.ps1
XWorm-V5.2-main/.github/workflows/main.yml
XWorm-V5.2-main/LICENSE
XWorm-V5.2-main/LOG
XWorm-V5.2-main/README.md
XWorm-V5.2-main/XWorm V5.2 SRC/Algorithm/Aes256.cs
.js
XWorm-V5.2-main/XWorm V5.2 SRC/Algorithm/Sha256.cs
XWorm-V5.2-main/XWorm V5.2 SRC/Connection.cs
XWorm-V5.2-main/XWorm V5.2 SRC/Edit.Designer.cs
XWorm-V5.2-main/XWorm V5.2 SRC/Edit.cs
.js
XWorm-V5.2-main/XWorm V5.2 SRC/Edit.resx
.vbs
XWorm-V5.2-main/XWorm V5.2 SRC/Form1.Designer.cs
XWorm-V5.2-main/XWorm V5.2 SRC/Form1.cs
XWorm-V5.2-main/XWorm V5.2 SRC/Form1.resx
.vbs
XWorm-V5.2-main/XWorm V5.2 SRC/IconLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\7Files\Documents\GitHub\IconLib\iconlib_src\IconLib\obj\Release\IconLib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XWorm-V5.2-main/XWorm V5.2 SRC/Packet.cs
.js
XWorm-V5.2-main/XWorm V5.2 SRC/Plugin.cs
XWorm-V5.2-main/XWorm V5.2 SRC/Program.cs
XWorm-V5.2-main/XWorm V5.2 SRC/Properties/AssemblyInfo.cs
XWorm-V5.2-main/XWorm V5.2 SRC/Properties/Resources.Designer.cs
.vbs
XWorm-V5.2-main/XWorm V5.2 SRC/Properties/Resources.resx
.vbs
XWorm-V5.2-main/XWorm V5.2 SRC/Settings.cs
.ps1
XWorm-V5.2-main/XWorm V5.2 SRC/XWorm V5.2 Resou‮nls..scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/03/2023, 18:43

Not After

14/03/2024, 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:6b:11:42:5f:1c:2a:44:77:d4:5e:a4:fd:56:de:32:e4:8e:d8:23:67:c5:80:3b:43:de:7a:bf:2d:4d:e1:58
Signer

Actual PE Digest

30:6b:11:42:5f:1c:2a:44:77:d4:5e:a4:fd:56:de:32:e4:8e:d8:23:67:c5:80:3b:43:de:7a:bf:2d:4d:e1:58

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\UNKNOWN\Desktop\projeSLNv2 beta\VisualStudio\obj\Debug\VisualStudio.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video.DirectShow/CameraControlProperty.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video.DirectShow/FilterInfo.cs
.js
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video.DirectShow/FilterInfoCollection.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video.DirectShow/PhysicalConnectorType.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video.DirectShow/Uuids.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video.DirectShow/VideoCapabilities.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video.DirectShow/VideoCaptureDevice.cs
.js
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video.DirectShow/VideoInput.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video/IVideoSource.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/AForge/Video/VideoEvents.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Connection.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/FodyWeavers.xml
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/FodyWeavers.xsd
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Handler/HandlePcOptions.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Handler/HandleReportWindow.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Handler/HandleThumbnails.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Handler/HandleUAC.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Handler/HandleUninstall.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/ILMerge.props
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/ILMergeOrder.txt
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Packet.cs
.js
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Plugin.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/Properties/AssemblyInfo.cs
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/XWorm V5.2 Resou‮nls..scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/03/2023, 18:43

Not After

14/03/2024, 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:6b:11:42:5f:1c:2a:44:77:d4:5e:a4:fd:56:de:32:e4:8e:d8:23:67:c5:80:3b:43:de:7a:bf:2d:4d:e1:58
Signer

Actual PE Digest

30:6b:11:42:5f:1c:2a:44:77:d4:5e:a4:fd:56:de:32:e4:8e:d8:23:67:c5:80:3b:43:de:7a:bf:2d:4d:e1:58

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\UNKNOWN\Desktop\projeSLNv2 beta\VisualStudio\obj\Debug\VisualStudio.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XWorm-V5.2-main/XWorm V5.2 SRC/XwormHvnc/packages.config
XWorm-V5.2-main/XWorm V5.2 SRC/packages.config

Resubmissions

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 54KB - Virtual size: 54KB

.rsrc Size: 1024B - Virtual size: 808B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4dCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

30:6b:11:42:5f:1c:2a:44:77:d4:5e:a4:fd:56:de:32:e4:8e:d8:23:67:c5:80:3b:43:de:7a:bf:2d:4d:e1:58Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 301KB - Virtual size: 301KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4dCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

30:6b:11:42:5f:1c:2a:44:77:d4:5e:a4:fd:56:de:32:e4:8e:d8:23:67:c5:80:3b:43:de:7a:bf:2d:4d:e1:58Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 301KB - Virtual size: 301KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 54KB - Virtual size: 54KB

.rsrc
Size: 1024B - Virtual size: 808B

.reloc
Size: 512B - Virtual size: 12B

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

30:6b:11:42:5f:1c:2a:44:77:d4:5e:a4:fd:56:de:32:e4:8e:d8:23:67:c5:80:3b:43:de:7a:bf:2d:4d:e1:58
Signer

.text
Size: 301KB - Virtual size: 301KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

30:6b:11:42:5f:1c:2a:44:77:d4:5e:a4:fd:56:de:32:e4:8e:d8:23:67:c5:80:3b:43:de:7a:bf:2d:4d:e1:58
Signer

.text
Size: 301KB - Virtual size: 301KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 512B - Virtual size: 12B