General
-
Target
Archevod_XWorm.exe
-
Size
36KB
-
MD5
95b3c12592ed7de85aeb86fe9c54e23a
-
SHA1
4a6f7b46d077ad0e1dabea9f30efa95c52f79f3d
-
SHA256
50a3d3508c4b826b4e36678dd91b374c339b0c57a89a31cd3e9f5a4441772dc0
-
SHA512
7a1cd098641bbada8ad6015dfa6cb922ed425632eedc9c7b9ef2774b9c81ff74083d6d8549bb708f39f3dae479b53e46eddb068ed457883cd803ce593e50b08a
-
SSDEEP
768:tRmCfIsRkrkdeoQR/auzH9R1acc/FPr9lqO9h52ZL:tRmC8r+uL/EcKFz9lqO9yZL
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.0
C2
topics-junior.at.ply.gg:45283
Mutex
7K8kkC78j4IfMAr6
Attributes
-
install_file
wininit.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Archevod_XWorm.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections