xworm | svchost[.]exe

General

Target

svchost.exe
Size

34KB
MD5

3b23fa8d77f5ca0f343bb2af1e5baec5
SHA1

881019b48e506d184c43606284761ea80cae8c56
SHA256

db762280521d09e3f82f42b1cf2cef56d8512e6082035879086bbbdabf699876
SHA512

cb12e239d85df7cd374a075112a1edd4b59561104e9253d27ac641cb39492344e935b92647e73e43e3b05eb3e6d023272a1773d2a0f3f0a0707bf94a07ea9052
SSDEEP

384:LSyXlquOae6oKoBmoDnnGvBLmlgCwvHixdTD2VR8pkFTBLTIZwYGDcvw9IkuisGM:WyXiBDAtYgC4CaV9FZ9j8TWOjhv/4C

Score

10^/10

xworm

Family

xworm

Version

5.0

C2

lefferek-42016.portmap.host:61672

budget-compiled.gl.at.ply.gg:61672

Mutex

onfACwiiMT0rgyTy

Attributes

aes.plain

Detect Xworm Payload 1 IoCs

resource	yara_rule
sample	family_xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
svchost.exe