Overview

overview

10

Static

static

10

XWorm/XWor...64.exe

windows7-x64

3

XWorm/XWor...64.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    XWorm v5.1-5.2.7z

  • Size

    54.5MB

  • Sample

    241217-1wslvszjfw

  • MD5

    76219b3556e25086fc52f8e2b93fbd0c

  • SHA1

    066a0f875820e51a60c3552a06b7b97f8bab6bbc

  • SHA256

    fe6371034d55bb7583081b03f4aec7274f8340cfea4740325cb52e1c6ac77f6d

  • SHA512

    ccc974b8e446409c7940ef8314b2a912a2f8c0272721148d4dca5b739702106e69c9c7d106137a576b7a7a846d4f9ac770685a07d7a588ba34d0167acb07f104

  • SSDEEP

    786432:8IagoCEXKlCpMqIEJkseGG+5ELbzcFdcyt5/ks3FkAPYxpL+q7RRHEm+0NyvZZGl:8JgXCzIsGrPzcFrt1F3Yxxrr+4yvZE

Score
10/10
stormkittyagilenetdiscovery

Malware Config

Targets

    • Target

      XWorm/XWorm V5.1/XWormLoader 5.1 x64.exe

    • Size

      109KB

    • MD5

      4bf2058e2fe4ee6490873acd8d00fc71

    • SHA1

      099f6cd30e1db09c0c51fad208a2c2706c6bd437

    • SHA256

      53d7f79b97f9bb3883a26b4cd84127e4c0c932ba82d9dd437b52373099049bea

    • SHA512

      f4382641663486fadb345537b2d2fc8097e918ccc4697e79e5d1c219a6e66f301a2a4bc65f4a95f740fc92eccaef55ebd99ed49dafdbe2a28f906c15c549d4a5

    • SSDEEP

      1536:xPsDAsCSuhbXNBcqhZ6tJaW9lSr89qmyVttdGFQeOPigx:1s5maVJaWPSI9qmyBeu

    Score
    7/10
    discoveryagilenet

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks