General
-
Target
NEAS.f0b72304c04c20c2fd7656fd43b3c916d92c7c89382a2e9a2ece614a90e61a10exe_JC.exe
-
Size
31KB
-
MD5
dbaea36a3a89a62ed390b8b2e5782e30
-
SHA1
1d457229c8f55b9eea85b0334f65fc2641144a41
-
SHA256
f0b72304c04c20c2fd7656fd43b3c916d92c7c89382a2e9a2ece614a90e61a10
-
SHA512
1b0c81374796f7b48344a794915daf6efb19b6b558f64999177abac6e0b12d6568724732e158c77d15b2acd0dedc72cb3ed94f957b2109c0e9c57580644f1a45
-
SSDEEP
384:zj+4qCsIUeOXTh45LYPQDc2ETU8X3VpR+gtFqBLTiZw/WNnvK9IkVudxOjhF/7vs:82Y4GxFpZF29RqOjhF/7vs
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.0
C2
20.197.231.178:7000
Mutex
zJMSZobOtzXEUpqv
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
NEAS.f0b72304c04c20c2fd7656fd43b3c916d92c7c89382a2e9a2ece614a90e61a10exe_JC.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections