General

  • Target

    a388f534c428c27c0d49633dc539e380N.exe

  • Size

    58KB

  • MD5

    a388f534c428c27c0d49633dc539e380

  • SHA1

    0228d5e22a59a7f33fd09d92fead78ea120b075e

  • SHA256

    9d327073936679158cd049e1f6e34b4fe22cc58fe3b0e19a6cd6b35387517c3c

  • SHA512

    e3a270e3d8e39999e35395e988e9ba454ebc9e2985ccf92c8b9a524361fd89816a49f1a0ba88a4ed2dd9985e045bfe967d0d7e552bcb9c829e1f9408234b8bee

  • SSDEEP

    1536:fX1Uxwf8eqVMJRhVpfWPkbWP0G770hiOZtUZmqPCY:fiLMpKkb+0e0hiOZtYt5

Score
10/10

Malware Config

Extracted

Family

xworm

C2

super-enquiry.gl.at.ply.gg:28425

Attributes
  • Install_directory

    %Temp%

  • install_file

    svchost.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a388f534c428c27c0d49633dc539e380N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

