General

  • Target

    fdf75506418f5a0c6a8670533249d360c3bebfb521299ee838a1935c11d2f028.exe

  • Size

    77KB

  • MD5

    0257f9573873ea4759be1bb72f68b02f

  • SHA1

    f1e9bc7ccbc1b86500e76244664a9c8f6e35d8ae

  • SHA256

    fdf75506418f5a0c6a8670533249d360c3bebfb521299ee838a1935c11d2f028

  • SHA512

    b6f0691f107a389d303c0501eb89c0d4e55123df92cc6c1a03190860ba2f4885d49653527dd65fe677060d2592fe89e877e710253b2c703675ef71da4d68d9f2

  • SSDEEP

    1536:rOLzZhBnURi2/k8TjjXdTbLwzgnDcys6IFOXG0/dRnsg:a3ZX+vnjtTbLy+cHO1/Psg

Score
10/10

Malware Config

Extracted

Family

xworm

C2

methods-availability.gl.at.ply.gg:20557

Attributes
  • Install_directory

    %AppData%

  • install_file

    Windows Updater.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fdf75506418f5a0c6a8670533249d360c3bebfb521299ee838a1935c11d2f028.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

