General

  • Target

    rat.exe

  • Size

    39KB

  • MD5

    0f43e9b3d93b65843f0346d76282bdc7

  • SHA1

    140be5eec263cdbadb57579201aa7ccacd3c770d

  • SHA256

    108ff90bf1870b1618ccba08ffa06dae87028f514bdf2410b46204afa2f8248b

  • SHA512

    e322da86925d29c214223f7e05c52b86104333d8e6a28c8f91a2b261b5b50dd08a209efba59aeaee17607be52ec2c2405030fc6945ce11fa0dca01fefda8a029

  • SSDEEP

    768:ET7JKHWcEbDvghvq3cJ+uap/5fzbN2WzFPw9UwOphwuA4c:A7JKHWcqcLiFN2iFY9UwOpGh4c

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

authors-reflections.gl.at.ply.gg:19578

Mutex

QxbISg5F4EKZB8tq

Attributes
  • Install_directory

    %AppData%

  • install_file

    edge.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • rat.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

