General

  • Target

    2025-03-03_86292f6606d16cc6394419de61e9956e_hiddentear

  • Size

    170KB

  • MD5

    86292f6606d16cc6394419de61e9956e

  • SHA1

    52de556ddc1d22c8e88b162956b2bc5709059914

  • SHA256

    ed1019bacf6c2435ed5fd7cd0a51b58170ae25665de79505ab188b673b2a55df

  • SHA512

    7c7f8c155b4dcb58ec5a0ee189d30bd26696cc7771e9deaa2d044fd323278a5f63b70c58e2e72edea9b09cecdc35c2820b91ddd73fba9a78eaba30212255692e

  • SSDEEP

    3072:jWDpZm+7MTji+Y9bZjMDzOlWM+lmsolAIrRuw+mqv9j1MWLQo:jW3MitbmQ+lDAA

Score
10/10

Malware Config

Extracted

Family

xworm

C2

198.23.200.96:5353

Attributes
  • Install_directory

    %AppData%

  • install_file

    krypto.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2025-03-03_86292f6606d16cc6394419de61e9956e_hiddentear
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

