Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

WindowsDefender.exe

windows11-21h2-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WindowsDefender.exe

  • Size

    205KB

  • MD5

    53cb889affead37778d2ef39092d91da

  • SHA1

    91820167c3b4065d07916adb0b56a867da1a68e9

  • SHA256

    946cc4d31bbc501fa25c2b22efc8e07cd0ea326b276333600f98c33689d407df

  • SHA512

    4cc5cbedf7a36a271e405bed1fb4beedde2c9e12e79e3100acd61b0160a9ad5f57c363457601104956f79327d7562944db8c4ae17e416fd27b0b6a39dd77d5c6

  • SSDEEP

    768:BLzayT8ljccym5fCja4sYxE7FWPA9pHOMhna4OE3QjFMtUiLi8PqXhP5++:BLzgAcJ5fzFJ9pHOM1ZOE3cMt/P85U+

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

anything-talked.gl.at.ply.gg:7897

Mutex

eSQIhPW4koQzrFdT

Attributes
  • Install_directory

    %AppData%

  • install_file

    Regedit.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • WindowsDefender.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections