General

  • Target

    bb4170b0550004dc2daf268715256e1435af9d5d35be14e8864fde1be7dbd39e

  • Size

    46KB

  • MD5

    af68a628ec767464a62ff55ae90a82f4

  • SHA1

    52fed5e305304a4cf16d0f99ce76d3b5124940b3

  • SHA256

    bb4170b0550004dc2daf268715256e1435af9d5d35be14e8864fde1be7dbd39e

  • SHA512

    31b6d754cb1f7b50e6083b53f570912459f3cac1619108397f04d4a6a9d8ee90b5953a9f762421542bf4db0e293115ad98d2ec9b2c0e26154693301567e90c95

  • SSDEEP

    768:qvnAE7g4Evk14CBaqkFORKDLsDWxizMGsUTjwTn0JvXtuf4vvOQ+Ll9jsfPQhLOU:2DEvk14CBaqkFO0yMl0zU7bl9jH1OtxQ

Score
10/10

Malware Config

Extracted

Family

xworm

Version

2.2

C2

make-catherine.at.ply.gg:58313

Mutex

rgFhrdI2FGly06KS

Attributes
  • install_file

    WindowsServices.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • bb4170b0550004dc2daf268715256e1435af9d5d35be14e8864fde1be7dbd39e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

