Overview

overview

10

Static

static

10

FireFoxSetup.exe

windows11-21h2-x64

10

FireFoxSetup.exe

windows7-x64

10

FireFoxSetup.exe

windows10-1703-x64

10

FireFoxSetup.exe

windows10-2004-x64

10

FireFoxSetup.exe

windows11-21h2-x64

10

Resubmissions

28-10-2024 00:28

241028-asb7lawcqb 10

21-10-2024 19:42

241021-yemm6ssdnd 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FireFoxSetup.exe

  • Size

    171KB

  • MD5

    014b0ea8fe05df0fdea1710537dabe57

  • SHA1

    91b47cd15009aceba1040cadabf3aa7cd6279a48

  • SHA256

    340830c7cba818a4e94a7791432f6a3e29bf103ebb47c70a6cb61e53c0ee5b2a

  • SHA512

    8503e8cd78442535226f41ba5d12dc0a20732940a24f865eb156ab9e75d6b4330bfdd10abba8add37713447317280f7b30f8c30bfb9f8642d15506a17e4d12d0

  • SSDEEP

    1536:qDEV10wHVJKuuwhSMEFv9by6POwWTCs6se7llqn17KineXd2wVKtivEYoNRh8RXt:dfjhaFv9bjOwFsgbcUieNJqKoPC5+Ls

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

147.185.221.22:43768

Mutex

2bRkaANDDdoPipKE

Attributes
  • Install_directory

    %AppData%

  • install_file

    FireFox.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • FireFoxSetup.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections