General

  • Target

    43810.exe

  • Size

    34KB

  • MD5

    3325932fba61e0f8d19d87e3da22b075

  • SHA1

    a8d06733d83de73da64ae6f8bef39a6bbbd1e2ef

  • SHA256

    3933a6053d10ac2a6d87e7286adb069a4e8f8a8348166b5ddf9d70cff64162e9

  • SHA512

    577524bf80a266a9c7f360560be01560248b1aa5e50d1deb5a1df9383103b5889f2f726bb05a45e9529398c52f2d63c484b76770c3db0fa32d6e695fc88c8333

  • SSDEEP

    384:pxaXVqG28uymzhzUuHnOmYxLm9SCwvHixdTX2VR8pkFTBLTIZwYGDcvw9IkuisoW:HaXUzPi9wSC4C+V9FZ9jkOjh//kp5

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

cheflilou-43810.portmap.host:43810

Mutex

ib8OKYsBW5exmPhy

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 43810.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

