General

  • Target

    fd9d1dfc1cf359603277712f179a5616503dd8ef4616149782873cf87fbff728N.exe

  • Size

    52KB

  • MD5

    57ce7a327782d47f5a95f5f73548d200

  • SHA1

    1df4b4a4ed70605a7fede98f8c7e1b80042ef73e

  • SHA256

    fd9d1dfc1cf359603277712f179a5616503dd8ef4616149782873cf87fbff728

  • SHA512

    1aaa25fc2a18ce8087c3c37bd9097d3e78910324f9992085690fed471f3a00bcd74b249f332bc7824361499e8dc27aa676421f4d82d0be04246703f3e2cae41e

  • SSDEEP

    1536:cpHDSBc87/UWF70l/Crbi/OZu71Omwkn2OBCy:cYW8rHF70l/Ybi/HOt+fT

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:8848

u-football.gl.at.ply.gg:8848

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fd9d1dfc1cf359603277712f179a5616503dd8ef4616149782873cf87fbff728N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

