General

  • Target

    f99ae2843d9c3ffa02e211777e7cfa2a9c759139ec922d062c5883679e8b3823N

  • Size

    40KB

  • MD5

    615786070805c9eb0ca58cf09682e9b0

  • SHA1

    319b760d1015ee62f8dda6c673f7deed18c9f414

  • SHA256

    f99ae2843d9c3ffa02e211777e7cfa2a9c759139ec922d062c5883679e8b3823

  • SHA512

    bdda9588b7c759ccd197728061e48e2a91b30ffee11309d3acdcfb931f73fef5a4652625570158dde5134fae420cdb84d174d0cfe8b4f366eb7e91075a5ddf11

  • SSDEEP

    384:nFLDb8mACT+aFifsEmn4w1+Qk7zuPgg8Kx493yBtrLaWGPjxLCPOnsSZwHV6cWRn:ZDb0I+a4DL7zg2Kd3yG92RlF

Score
10/10

Malware Config

Extracted

Family

xworm

C2

xworm1120.duckdns.org:1120

Mutex

D0iCsL6PUuq7iVxc

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f99ae2843d9c3ffa02e211777e7cfa2a9c759139ec922d062c5883679e8b3823N
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

