General

  • Target

    3b8be35e0963b310c227be40cd2176afdb9fecbe8fa9bcc243790f24b63b5e1eN

  • Size

    77KB

  • MD5

    1efbf9afb8000f1979722bb2050064e0

  • SHA1

    5121055fc8ed3aabccf44be21eadd5d25be60d6f

  • SHA256

    3b8be35e0963b310c227be40cd2176afdb9fecbe8fa9bcc243790f24b63b5e1e

  • SHA512

    07ddd45ccfbe8b7cc37cf358f3ee511fa6d1265c0960a6270978ffb69524098670d165826f671545c26f1e77571c7554b593a3552b6a9482ab3ae9e0c4b6a4cb

  • SSDEEP

    1536:fPerilZ9VVu0CQhETAseFk45J20x6zz+bxtbE28FZU6PJWZnC72Ob3rA/mke/:XeGQkkahxW+bx2diOb3rAc/

Score
10/10

Malware Config

Extracted

Family

xworm

C2

18.ip.gl.ply.gg:29310

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3b8be35e0963b310c227be40cd2176afdb9fecbe8fa9bcc243790f24b63b5e1eN
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

