xworm | Nurik 1[.]16 crack (infected)_2[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Nurik 1.16 crack (infected)_2.zip
Size

725KB
MD5

c8d1c0513b0d5a6270c063fae014f87c
SHA1

61a376cf8a42dcdf300867e596933f6d956efac8
SHA256

c42f18ec71756e7e53ed0b7e9c5c7862ff04d2954eb5a56a534a735b2b3b034b
SHA512

1ea53db181a53f854493809cbb2b2849f9440870cd9aaf569351c69cc1dbb1061b0d14bf1a614c84d56383f741af0534d500118c79c560ab2aca54776968b42d
SSDEEP

12288:W6vL9RqmZf4Mf030dBV1YiIcHYMJ5S42UbJtYg9BFjA4tdsVzZY4G0gUypa/uK7l:jPFp034z1Yi34GSBUbJt04vkY4c7c/u8

Score

10^/10

xworm

Malware Config

Signatures

Detect Xworm Payload 2 IoCs

resource	yara_rule
static1/unpack002/CrackLauncher.exe	family_xworm
static1/unpack004/CrackLauncher.exe	family_xworm

Xworm family
xworm

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/CrackLauncher.exe
unpack004/CrackLauncher.exe

Files

Nurik 1.16 crack (infected)_2.zip
.zip

Password: infected
Nurik 1.16 crack (infected).zip
.zip

Password: infected
CrackLauncher.exe
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 594KB - Virtual size: 593KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Nurik 1.16 crack (infected).zip
.zip

Password: infected
CrackLauncher.exe
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 594KB - Virtual size: 593KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

Headers

File Characteristics

Sections

CODE Size: 5KB - Virtual size: 4KB

DATA Size: 512B - Virtual size: 124B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 770B

.tls Size: - Virtual size: 4B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 512B - Virtual size: 456B

.rsrc Size: 594KB - Virtual size: 593KB

Password: infected

Password: infected

Headers

File Characteristics

Sections

CODE Size: 5KB - Virtual size: 4KB

DATA Size: 512B - Virtual size: 124B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 770B

.tls Size: - Virtual size: 4B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 512B - Virtual size: 456B

.rsrc Size: 594KB - Virtual size: 593KB

CODE
Size: 5KB - Virtual size: 4KB

DATA
Size: 512B - Virtual size: 124B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 770B

.tls
Size: - Virtual size: 4B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 456B

.rsrc
Size: 594KB - Virtual size: 593KB

CODE
Size: 5KB - Virtual size: 4KB

DATA
Size: 512B - Virtual size: 124B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 770B

.tls
Size: - Virtual size: 4B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 456B

.rsrc
Size: 594KB - Virtual size: 593KB