General
-
Target
NEAS.bL7Lexe_JC.exe
-
Size
52KB
-
MD5
1a85ffae7660a7147e364ebd73a5a322
-
SHA1
ae2e1e57a51229643b99519fc16a6df5ae7fa9d3
-
SHA256
ecfe634b75153c27d0e4bcaf3bf931aca1b64189254c8e08ffb04dc603915a55
-
SHA512
df0f1b8ff21d34d544756f42db122045cd02fdba599fcbc9ff4d96f013d4dd9b7946efae66cdcc79d5057610f75b3a88af5d9d75537bd207726414acc1c79ab2
-
SSDEEP
768:cRbuQ+RBvuHl8X328DJbCjwsteF1EZb7rtVmr63q1EQZByyOShvcgT5:6bujGeX3NDJbiiSZbnzmO3UByyOSlZt
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
0.tcp.ap.ngrok.io:19744
Attributes
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
NEAS.bL7Lexe_JC.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections