General

  • Target

    47294823947829478921143897148794298374.exe

  • Size

    167KB

  • MD5

    f86c5f136512f4e76e0737f8ccc302a3

  • SHA1

    78000060bca357dbb9fbe29633c46fd4ea1cd9f5

  • SHA256

    3528e3b0a01a175a885033eed18569a4cd34641373f5d42af5866d5d2d280f1c

  • SHA512

    e371660eb576a50dfa9d619ccf0367511d3b5d4985c8577ce5160b146d1385a7bf2db5c58fe5e235f80bcbada8e517590b944b589fe811613169426374015f79

  • SSDEEP

    3072:VuFG7Z9+FbSVx/BecODps2zBz65/M6If+3Js+3JFkKeTnQ:B7Z9ObSxpeJu2zxBt25

Score
10/10

Malware Config

Extracted

Family

xworm

C2

45.88.91.55:8893

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    sys-32.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 47294823947829478921143897148794298374.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

