General

  • Target

    f869f9d64a8a01aff088f8c830a477dc.bin

  • Size

    16KB

  • MD5

    01456ca94f373bf8aba111f13fd6f9a3

  • SHA1

    e17567c7fac8c466e08ff98a963f79d5a5010443

  • SHA256

    821539854b93ca25f87b28ef07c457fab760661bab30cb4e37f5349dd02edad9

  • SHA512

    1e8cd17629e9060a89ac7a39b2e53ad743854c625dedd72c66ce9620d0ee5c75394583604345d4596ecb8b07c60acfc6b6cd11a20ea7711eea0deee119974900

  • SSDEEP

    384:088dHLoX/h2/tyj4lWhzgfsUkaNVfMgZRNKnnMOG:YEPQtVlWhzNvaNFPKMOG

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

sep-framing.gl.at.ply.gg:61526

Mutex

wCIHQbYCz8ryLWwh

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f869f9d64a8a01aff088f8c830a477dc.bin
    .zip

    Password: infected

  • 04cfe85ad9f84a7bb65c39ed40e209fdd61f3a3cb52d0606a9fc41f780a2ba1f.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

