General

  • Target

    ac9ef83f6d6ae646a08a97ecfe311a8beddacc41e0add58f8516b657f627ee18N

  • Size

    37KB

  • MD5

    d8dfc68d21a7cdd095bc03963a8b2fb0

  • SHA1

    7d132da41aa0180c5895132e559f6245f1feacbc

  • SHA256

    ac9ef83f6d6ae646a08a97ecfe311a8beddacc41e0add58f8516b657f627ee18

  • SHA512

    32080903a12794c3e60d8572a7c50b693a5f988fabd1679bbcce9e1bba2a6e038fa023ad95b95dd00d14e08b1ea95194ce03e371bef29b67be4a2c01872c8637

  • SSDEEP

    768:ztGRiYTgP/NNo5GfjS61216La/FP192iOphi7X:zkRi+gsGu6McLgFt92iOpeX

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

role-fresh.gl.at.ply.gg:2522

Mutex

tZ4Yyzni0aPUlFjz

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ac9ef83f6d6ae646a08a97ecfe311a8beddacc41e0add58f8516b657f627ee18N
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

