Overview

overview

10

Static

static

10

2024-11-15...ar.exe

windows7-x64

10

2024-11-15...ar.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-15_ae4957b9487d4bef4561924cacfd87e1_hiddentear

  • Size

    170KB

  • MD5

    ae4957b9487d4bef4561924cacfd87e1

  • SHA1

    7c4345be2315779d07e5b2caa5105f021aa71a98

  • SHA256

    2bca82cd14951c2ce35707a176b1555956c8ef938187f4e7687da194c818b492

  • SHA512

    5fcf65119c64066b8f5837d09680f1cb61f224ff17ce72ad54976730f126b9f63974f2549ce1c12044b42b06472c1a81f3d8abfe18d3be758156517de6930bc5

  • SSDEEP

    3072:RUetQRGSwRzAkYQbv9bG6ApBaO24M+lmsolAIrRuw+mqv9j1MWLQz:RxCR2ZYQb1bXcO+lDAA

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

185.29.8.111:7000

Attributes
  • Install_directory

    %AppData%

  • install_file

    svhosts.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-11-15_ae4957b9487d4bef4561924cacfd87e1_hiddentear
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections