General

  • Target

    c njfrDAJ.exe

  • Size

    140KB

  • MD5

    445e516f9ca9d204baa359ee36edc8e0

  • SHA1

    f5a3267afbc73c16620bcc3b332fadd8104d60bf

  • SHA256

    c96a0fddccd367dbc5422cd5e2036a3f987eccd1cf62a00f5a7b243a74ebcf22

  • SHA512

    e315de1fe895123950d88d7e4e9f0f57b3317abf3ebd09f8aa2916f105529b6f9b6ea834c8a318b9a7c565171c08580d5f727c3d043cc797f80f74f5ff141810

  • SSDEEP

    768:Gmcgc7ptu0Nqf4v6hCuuJf27ZZfFWPG9/06OOwh2SjGbn621sIwEk4w00wM:hc7tu0EgwCuuJfKFv9/06OOw4SC+EA

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

147.185.221.22:29307

videos-gsm.gl.at.ply.gg:29307

Mutex

akkHSUfQR3bLHwnR

Attributes
  • Install_directory

    %Temp%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • c njfrDAJ.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

