Overview

overview

10

Static

static

10

d3xos-fangame.exe

windows10-2004-x64

10

d3xos-fangame.exe

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    d3xos-fangame.exe

  • Size

    34KB

  • MD5

    8943a36e66d39ae072cb83a3e297f280

  • SHA1

    61948cb115d92c0237f56a57baffe1153b1e4f30

  • SHA256

    5d462dc9e23a778255528a5c9f77802d11f80b09d553d3eb405cbd6b7f70c52a

  • SHA512

    75fc1224bff888081d86506e850a5292ea148310df9acbd4acd7ab9b52563288248f9a93d94fd4f7b65c5b3b6c66ab646d736b124ae314eea4e4e5fa81dbbd18

  • SSDEEP

    384:cVxu9qBOae6oK/I7Z9plUzO7LMeGZ9CZpbW3tXe3qXR8pkFXBLTIZwYGzcvw9IkM:AxuaUJRnpGZ96pbWx9FV9jEeOjh8/4/

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

lefferek-42016.portmap.host:61672

budget-compiled.gl.at.ply.gg:61672
Mutex

vLCK038prWQAgwbZ

Attributes
  • Install_directory

    %AppData%

  • install_file

    DiscordClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d3xos-fangame.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections