General

  • Target

    WindowsRoot.exe

  • Size

    81KB

  • MD5

    dc9cce7b2ab5836c8f4ff1fdcea5a88e

  • SHA1

    68ca553b84f7159efaa3855773071192411b912f

  • SHA256

    8fc479720e3218f4a6af96f65d39c0ea82c01c004315750d7f210e08540e4d6e

  • SHA512

    baec44b96fff2977f50d6efe61ab598d6657512806cb9612694b97643769f894bfceefcbc15c818acfe15d7547cedaf9898d87980a947a02886807061cbb26c2

  • SSDEEP

    1536:N7K5slud3hLERjgckbp2h4qr7bBbHxEcZnV6+SOvsLh0ERdK3l:QSlS3J64qnbNHHZAOvYh0Ycl

Score
10/10

Malware Config

Extracted

Family

xworm

C2

172.16.0.2:7000

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchostq.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • WindowsRoot.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

