xworm | 9ca4695aa52e3bf468c2bfe36ecc105c730157a6927e4d96f5ca148c51534c36[.]exe

General

Target

9ca4695aa52e3bf468c2bfe36ecc105c730157a6927e4d96f5ca148c51534c36.exe
Size

89KB
MD5

0ee20a416c4c752806bb696e44e7085e
SHA1

54dae877a748a236f12f2d0a3eb34c63a8aa7a73
SHA256

9ca4695aa52e3bf468c2bfe36ecc105c730157a6927e4d96f5ca148c51534c36
SHA512

78f3c7b275893fe55e03cedfa929403b704bcb123f0cb13850cfed002a72cb6a4572ad3e376508e999406d0e408ca32cc65b11a9d7dca48265735a42da85bde7
SSDEEP

1536:kcqdeKNDJYmE2YgAtHlwGSduaCCf4AMbXbnGQ3/aMclu6ZVcaOzaZPz:j0eKNDqmFGZaPgXbXbn/cXVOOZ

Score

10^/10

xworm

Family

xworm

C2

f8terat.ddns.net:7000

78.70.235.238:7000

Attributes

Install_directory
%Temp%
install_file
updater.exe
telegram
https://api.telegram.org/bot7084570776:AAHWfPRjpebc_dUAwpwOYQjDqVKGe1YgIxw/sendMessage?chat_id=5456205643

Detect Xworm Payload 1 IoCs

resource	yara_rule
sample	family_xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ca4695aa52e3bf468c2bfe36ecc105c730157a6927e4d96f5ca148c51534c36.exe