General

  • Target

    1728acdfb759194d0be473b2e9490d64e681a1eaf5f796173cf5c43f082ff4ddN

  • Size

    103KB

  • MD5

    91fc0791ef41aef4c69c01503d0c49f0

  • SHA1

    79162b99131d758c40bd5cc6946e435b4782b407

  • SHA256

    1728acdfb759194d0be473b2e9490d64e681a1eaf5f796173cf5c43f082ff4dd

  • SHA512

    79bbd07b7e37434fc2e53aa9d16364820e97c354f50e9c788924968b2f4eadb356f9f25e559a8c0d4e0af0a4abd691644ed7f2719fc9690221f7c2a0d04b284c

  • SSDEEP

    3072:APz9s59oKbFs9UuOMSdoZvLiEdoZvLixhTPgPe:AKo0s98WvmqWvm/Q

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

physical-troy.gl.at.ply.gg:25804

Mutex

LyvUlQos7UbAQvM3

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1728acdfb759194d0be473b2e9490d64e681a1eaf5f796173cf5c43f082ff4ddN
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
