Overview

overview

10

Static

static

10

572667ee81...80.exe

windows7-x64

10

572667ee81...80.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    572667ee8147be27b09a4b68b5aa14cd60bf2e25a2a1a09264f94a329d37ff80

  • Size

    75KB

  • MD5

    b923f5cc55cd2026709dd9cf2769a774

  • SHA1

    72b6dc0ed5f068c2f6caffbf25a690c416df334d

  • SHA256

    572667ee8147be27b09a4b68b5aa14cd60bf2e25a2a1a09264f94a329d37ff80

  • SHA512

    cf146b11d49f4de41e0eb40fa6a6aac489dc11ad0cb2a918298e6c6c955ebcd280d8530f92f2428e67ffd0a6c5f5d6c054b760337a6e27209d1ce23e5d55a959

  • SSDEEP

    1536:/2Q5pJiB6uawKjPFNN3GOU60s6wBecnbSxa++aD63BsWF/GOGAWYR:/2Q5bi9bA4cnbSE2m/GOG0R

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

political-antivirus.gl.at.ply.gg:28319

Attributes
  • Install_directory

    %LocalAppData%

  • install_file

    java_host.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 572667ee8147be27b09a4b68b5aa14cd60bf2e25a2a1a09264f94a329d37ff80
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections