General

  • Target

    SolaraV3.exe

  • Size

    34KB

  • MD5

    8422d88748d18b97e51f59777cab8f3a

  • SHA1

    c51ef13b6818b941ec78254e05b3c01fe48ed2a9

  • SHA256

    12928a29b6e233035892e9d030a70484bc116904c8dd232338c61cf7345ca3fa

  • SHA512

    397d6c135db7eb8585663387965fa32553e540815352bf0ce3bb7ada50274fef1d8d2683a9e3dd232e58b2fa585c8895d05ace53fa871b02c401f1f3b7a1f5e7

  • SSDEEP

    384:IxaXVqG28uymzhzUuHnOmYxLm97CwvHixdTX2VR8pkFTBLTIZwYGDcvw9Ikuisz:QaXUzPi9w7C4C+V9FZ9jktOjhl/kw

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:37380

23.ip.gl.ply.gg:37380

Mutex

xJJiRv40ppRvp0mk

Attributes
  • Install_directory

    %AppData%

  • install_file

    svhost.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • SolaraV3.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
