General
-
Target
NEAS.a088b9f3b8936f8fc7ef1c26a30e38b6fed5a08f20aad35a69733f2b83b9bffdexe_JC.exe
-
Size
40KB
-
MD5
3f7913c73decfcac56e9f1c1bfb2779a
-
SHA1
1480393d5f36e017b5a98598742821ffb8a3ac5e
-
SHA256
a088b9f3b8936f8fc7ef1c26a30e38b6fed5a08f20aad35a69733f2b83b9bffd
-
SHA512
05e9d67ada4e6c7152e219525666acf64c3947ab73b5d601d54bb537b2d3b8c1953c9157e60a59c85b5ce60db1bfebd93d4bcfcc4808d7623fe4d931faac1205
-
SSDEEP
768:WOAixruiqRTeULSFoRd0Rp0waOsQhLOXwoE/6qs:jAiJqgZDnn1OfE/6qs
Score
10/10
Malware Config
Extracted
Family
xworm
Version
2.2
C2
septiembre2022.duckdns.org:3130
Mutex
5Eyk7TkepwJVWJFv
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
NEAS.a088b9f3b8936f8fc7ef1c26a30e38b6fed5a08f20aad35a69733f2b83b9bffdexe_JC.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections