General

  • Target

    2024-07-01_4cbd2f5201ad48eee23285fa5bd1b0db_hiddentear

  • Size

    162KB

  • MD5

    4cbd2f5201ad48eee23285fa5bd1b0db

  • SHA1

    36b9840c9bc6a1f5355765274fed589a453822f8

  • SHA256

    e9a7cd4800b26c3a79f0595ee797afdaa43d39307cc203a555e3265365977347

  • SHA512

    a96ed9090b45ca891e1e8c189c5d21e3ed8ed2705c1f07e16126d3df1acbe76bfb65a7a9710d8d31c354d9205478f6d5897161918f15cc5c58710324b5ea6627

  • SSDEEP

    3072:ST2oLp7ZAZb1O28wROqcAM+lmsolAIrRuw+mqv9j1MWLQI:UxgbDCT+lDAA

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

172.94.32.98:7600

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-07-01_4cbd2f5201ad48eee23285fa5bd1b0db_hiddentear
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

