General

  • Target

    a.exe

  • Size

    30KB

  • MD5

    2198812522751ea51892b4f74e9fb29f

  • SHA1

    d4e64cedffb2124dd28097541e49b5516d2a5468

  • SHA256

    99b2866343c93275abc4394fdfa9b74cb347d93d6fac6e2fefcb2760887e0ede

  • SHA512

    612d9f564743519f8d3c11891d28ea2ed5b282b1b1cd70304b85d451d7f8e24842653d44a5fc5538e8d5ac191a1bd1cccd01086f820baffb1ce0891739f60509

  • SSDEEP

    384:A2458Ytf+1mOEUehuzD2LZX01OgTE6QmRuptFlBLTIOZw/W2Zvn9Ikn1PexOqh0D:M+1mOE1yG6OgCm0FG9L1EOqh0bf

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:5555

Mutex

zeASSUEqonKkfg6J

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

