Overview

overview

10

Static

static

10

MultiToolBeta.exe

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    MultiToolBeta.exe

  • Size

    41KB

  • MD5

    5a0e1107e5114c6e93b895b0cada48be

  • SHA1

    45d6922e1fbd7a269f10a62811603bf8c1f30503

  • SHA256

    01cd4448b38f1c44b003add7b3502606bd291226155ede9f373472760f6a1b30

  • SHA512

    3a5c8520c8b6f085bbb6769d02b66b1303799ba186b3e8884582874fad2df517bfc871ad50ce07736de1d7d49540214c50abbd543c53bbe0bbe5c7ccca7c1289

  • SSDEEP

    768:CmrJDweBDuOkScrbsN/x6H+eCAr43MxfJF5Pa9p+T6iOwho3/ibu:C0DwewicrbsN/YHhRrNRF49IT6iOwaaS

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

series-ate.gl.at.ply.gg:62459

Mutex

79prIv3I18H1bcRt

Attributes
  • Install_directory

    %Userprofile%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • MultiToolBeta.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections