General

  • Target

    NEAS.121b08f3fe77a580b5d11e766c00709bbin_JC.exe

  • Size

    35KB

  • MD5

    121b08f3fe77a580b5d11e766c00709b

  • SHA1

    fae8d282745b932efacd36adb918d68a27cade57

  • SHA256

    c820b50f27fd507c02b99b8e7eb90cc48748064ce3592cdfb36f46ae33384b50

  • SHA512

    d4316e074d4249b81451491c5ed9aa479150a9b9a70d995e81f20f458257b778a6bc1cd8151da35a3f018f31a3efcb131f376fafb0ab28fdf8c791abedd62345

  • SSDEEP

    384:yGQEqXDwe6EWAVCbKzJc85/LcvJKKuDXzBXDEKPf+gtF1BLTiZw/WNCvK9IIkuWy:gIbKze8pcvIKeWK/Fc9ebO9hPbvDMh

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

7.tcp.eu.ngrok.io:17898

Mutex

YgRWZNrRNAR8z56G

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NEAS.121b08f3fe77a580b5d11e766c00709bbin_JC.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections