General

  • Target

    helloworld.exe

  • Size

    71KB

  • MD5

    9abc77c7a2d864322641837bda3d51b1

  • SHA1

    3f295fdab7c126e9bbe2a02b0faf4147f120cb90

  • SHA256

    37a61a8e9a2c0d24dba2ef51d0bdde5fde4182f0218bee900f4213cc783963ff

  • SHA512

    69c865f20c97a1e569eb9d2e5a9813747b9882c75e822edca08bbe92ca6b71f72c0ee7c8cfe1d5b6a953acf64ba3a6820b39c8492334240622c8262e31ba1723

  • SSDEEP

    1536:8nNYWPeZZ8GTqR8xGXf1qTHjIpAB+bZT5AR6WpZOVOE4jf:8HLGTk3g/IpAB+bZQfOoxf

Score
10/10

Malware Config

Extracted

Family

xworm

C2

PovodPoestGovna-63080.portmap.io:63080:9989

Attributes
  • Install_directory

    %AppData%

  • install_file

    Windows Defender.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • helloworld.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

