General

  • Target: main.exe
  • Size: 34KB
  • MD5: a015ee994bd1732668edd31ad3941fcf
  • SHA1: 2213aa2687947ef558aa73a74e779df63e934173
  • SHA256: 8d89114848df0850117f7ab6f4fba86f1d522609c68763720575ef3d82163a3f
  • SHA512: 3254b7fd871fd5484913d023ead4b6e6b08e1237a63aede2f3b8d2a8401b6fd8fa47b447e7699db76496f277ab9ef2bacdcba4a6fb465e7d2b858273b8e5e716
  • SSDEEP: 768:AzuuB5cBenGcZ96pbWd9FV9jFtOjhP/k+:Azu25cBeG+spWbFV9jPOj58+

Score
10/10

Malware Config

Extracted

  • Family: xworm
  • Version: 5.0
  • C2: lefferek-42016.portmap.host:42016
  • Mutex: 0Ay0gXLzQyPC3Cbd
  • Attributes
      • Install_directory: %AppData%
      • install_file: DiscordClient.exe
  • aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • main.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744