General
-
Target
bOyW.exe
-
Size
30KB
-
MD5
dbaf623dbb0b456ecc3c517d20028e94
-
SHA1
1a5135f33d9825928b6ba01f5c6c990d54c0d493
-
SHA256
82bf98526028165b2b4700282a2a0e88f36015c1948ba4890aee7e53f14b2a50
-
SHA512
c9a73fba2113ec0af10a89d22233bf25fb5e08007cde624e6debccddefd2cfd867bf3c9892db1c9db5fad1fca497a3a60e70204d5059507dda90b4b7daa18cc6
-
SSDEEP
384:57wTA+5OfPgEBQqWvfcQLZe3s10hYACSqRDTnY2uRugtFuBLTIOZw/WVnvn9IkV7:5rgECfLH1MYAoRDTY2uBFE9R7OqhBbr
Score
10/10
Malware Config
Extracted
Family
xworm
C2
septiembre2022.duckdns.org:1618
Mutex
Pzg1ZTatsP8hQxgg
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
bOyW.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections