Overview

overview

10

Static

static

10

NL FIX.exe

windows7-x64

10

NL FIX.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NL FIX.exe

  • Size

    74KB

  • MD5

    99bd937c19c7340d2e59eb269c76bb01

  • SHA1

    9a2c02ea4aea7c1f16325eb99cb8b24ccd7f0bfa

  • SHA256

    4c107aa2a3b2a8dc5b923b618fd77b3ff597f84ef7f795ccb729f932fbf4edba

  • SHA512

    953f6a9e16d223aeded651de5e6bb2e0adae3b5371de0df1738d6209380518704a2bf11bb64462b9b40e3423ba84e7f6c34e4f2984e4d525a4005aba099ea2f4

  • SSDEEP

    1536:oWx9PdhrR322TJtoH7V8bPWJ0Gz6sTzO2tdZs:ZldTAmbPWfv3O2t/s

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

remote-newest.gl.at.ply.gg:58403

0xA1b45f1E46C83E5B8e66b08BA6765649997b419E:1234
Attributes
  • Install_directory

    %ProgramData%

  • install_file

    Windows.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NL FIX.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections