Overview

overview

10

Static

static

10

MicrosoftXRemover.exe

windows7-x64

10

MicrosoftXRemover.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    MicrosoftXRemover.exe

  • Size

    39KB

  • MD5

    30b433a44b36dd55f0c52da15d706ae6

  • SHA1

    542a21f8e28bea95be541b47bc7b75780f4dffb8

  • SHA256

    85b453e3b8b553f3a91eaa10f0788344bb97200b2d483497032a80f603672ef3

  • SHA512

    8d34d62c8d5111522ea6825a4b571626a34302c519ae92fd5c6c13ce198b28c4c29b8dbb77f5d22898712529726aa77116435361b6526fd86bf63358aff23a25

  • SSDEEP

    768:TQqbxECNnHpsmVQirzHnisHFQ9mF6POwh/brPxb:PbxEUJ1SirLnjFQ9mF6POwVfpb

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

mind-loaded.gl.at.ply.gg:7000

147.185.221.22:7000
Mutex

8MboPTT54MpfVk2h

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • MicrosoftXRemover.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections