Overview

overview

10

Static

static

10

gta.exe

windows7-x64

10

gta.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gta.exe

  • Size

    256KB

  • MD5

    38405cd821fa35824d367aedff252ed2

  • SHA1

    b70f9b3de189a89762d31caf11aafad410f2b1bd

  • SHA256

    f8ed103574089d431ad8eaac8c8cba0240da701beb8df26011c7c97a6c981182

  • SHA512

    c3225c965a817487ec0453a0ed9dd6807983fa3980fc5da2f9d8767fc7cbfa1557d2c0d8754c77be94217a5676737cdf152a64f383cebc2bf9f1198f5b7bd5a3

  • SSDEEP

    3072:nOoQq3wNXKk2zg3bQqTJAOJh23R6eBdte1FKNfAc/vnew0sFetD79OzWPEMiZJ:nV+6/zcb9VGfAc/v10sQOzWPEh

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.1

C2

127.0.0.1:37897

global-protective.gl.at.ply.gg:37897:37897

global-protective.gl.at.ply.gg:37897
Attributes
  • Install_directory

    %ProgramData%

  • install_file

    nerat.exe

  • telegram

    https://api.telegram.org/bot7268785583:AAFvSoXRrVhV7krjc8W8iUc9VL5ZyOqftLY

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • gta.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections