General

  • Target

    26d58fefd6b6d97ce7326ad4be665be0N.exe

  • Size

    301KB

  • MD5

    26d58fefd6b6d97ce7326ad4be665be0

  • SHA1

    d5423e3a44f522f0afb4ed37e2a05cbe73254afe

  • SHA256

    b14600b4c8a47409d5b9c6b5c7142c846c6ec3dd13f72c625502d018c6460bd4

  • SHA512

    f4f490472aeaeaa9b70c74d891242b3118d719040e65f962198633d12e0fbc2730fabdab973c3e95bd6a617b7057e3286a224ad4afbd6a5a8054d97f237bb278

  • SSDEEP

    6144:k9s39B+GIIIIIIIhIIIIIIIIIIIIIIIU:c

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

5.tcp.eu.ngrok.io:14590

Mutex

nWLXGdF9tC3i3eNK

Attributes
  • Install_directory

    %LocalAppData%

  • install_file

    steam.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 26d58fefd6b6d97ce7326ad4be665be0N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

