General

  • Target

    XWorm V5.2.rar

  • Size

    60.4MB

  • Sample

    241006-nwhqfawgpb

  • MD5

    0c32dff2b969c275b1f9893627d351a4

  • SHA1

    ee72f5dedf844e02e026ee723e305d3ffe76f4b7

  • SHA256

    84fab894445385b85ebc5b05d142fa950f3041eb3db68717a5c957b50312c841

  • SHA512

    4d0ce9b8214b3df31d9ecda791babede1813fe6d2aac70564403a71f964befbca3942ab4d8d4ff10279e5796311bbae56091d80aee18a7f155b4bb149abb10a2

  • SSDEEP

    1572864:ChePLtbSq7XK75+1H1wyfEVOTBGM+LJ7PLR1HwJ2JM:Cusq7XGc1wyfEVuB8LJbnHM

Malware Config

Targets

    • Target

      XWorm V5.2/XWorm V5.2/XWorm V5.2.exe

    • Size

      12.2MB

    • MD5

      8b7b015c1ea809f5c6ade7269bdc5610

    • SHA1

      c67d5d83ca18731d17f79529cfdb3d3dcad36b96

    • SHA256

      7fc9c7002b65bc1b33f72e019ed1e82008cc7b8e5b8eaf73fc41a3e6a246980e

    • SHA512

      e652913f73326f9d8461ac2a631e1e413719df28c7938b38949c005fda501d9e159554c3e17a0d5826d279bb81efdef394f7fb6ff7289cf296c19e92fd924180

    • SSDEEP

      196608:pcWPW6SJ5POYAa23tuQUj7prczC9YNu+/ChWbPP91SDwDrZhd:pce0JtOSSLU3prczy0uqkaIkDtn

    Score
    7/10
    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
