Overview

overview

10

Static

static

10

6ce1628469...aN.exe

windows7-x64

10

6ce1628469...aN.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    6ce1628469599a4b2975096bcd6a1218857041241f223703c49b5a355d3aef3aN

  • Size

    41KB

  • MD5

    675a1883118b0c605d24feb35b3744a0

  • SHA1

    d8ab573eed0befb3c1d357d30b475a3d6a5ebff2

  • SHA256

    6ce1628469599a4b2975096bcd6a1218857041241f223703c49b5a355d3aef3a

  • SHA512

    208c7415af6f9d7d53484a3002a5b2d4bf71375179f4c3799f5b74d13e25ab11f2dcaafa9269ec222542eeed9e92a048c6a29f55b5c32aac0e156d96f0d3d4c7

  • SSDEEP

    768:RmrJDweBDuOkScrbsN/x6WECAr43MxfJF5Pa9p+z6iOwhD3/ibv:R0DwewicrbsN/YDRrNRF49Iz6iOw1ab

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

prices-saddam.gl.at.ply.gg:64107

Mutex

MQ5RONoNfhXmQPAq

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6ce1628469599a4b2975096bcd6a1218857041241f223703c49b5a355d3aef3aN
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections