General

  • Target

    vm.exe

  • Size

    63KB

  • MD5

    d7d169c7173b67f881c5b04aed08c0eb

  • SHA1

    916cac2d81230bf709ce6fe4894ec74b3fb91a33

  • SHA256

    ac6c77f1af1db36464ec184588cab3db8f7ce1541d4bc5b91c2b814d5f36fc7f

  • SHA512

    1116890516958b2772b3903cf50fa55169534b3a867c0644134d575d0bccd8dc31dd175c007874e50b121e34effab5676fd1282b70331941d0ce46284e7d8d47

  • SSDEEP

    1536:C3UPUE/R41nfBEKU+bB2YFIrG6vUdb346tQD8O9r3gnst:CcSpEX+bBTiM9XJOBwst

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:17560

login-eye.gl.at.ply.gg:17560

147.185.221.27:17560

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • vm.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

