General
-
Target
bPjb.exe
-
Size
40KB
-
MD5
96eb05963b8cf0f51fbb19f478a7aa86
-
SHA1
7a66dfb762362dc1a16615778a08d717eeac5342
-
SHA256
a7da92a8f1dde21271b0e4ca6dab609c97cde7d659582eef25e373fc9dd44610
-
SHA512
de9fd8495e361c75ca4de6db5970c52144670c646e73293917f360eda8c3aebdfe7daaf98f159e673acfefbaa56d8b82551ea19ab4682275b868a44d8dc8192b
-
SSDEEP
768:+OAixruiqRTeILSFoRd0Rp0wOWsQhLOSwoE/6B:LAiJqg1Dn71O8E/6B
Score
10/10
Malware Config
Extracted
Family
xworm
Version
2.2
C2
septiembre2022.duckdns.org:3130
Mutex
zwUzXNUc8vaZYsM1
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
bPjb.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections