General
-
Target
1a85ffae7660a7147e364ebd73a5a322.bin
-
Size
30KB
-
MD5
cfbe778c971581bc1e66211933f372d8
-
SHA1
e10b97c871917425a3a4d0a6677623f162365432
-
SHA256
704cc8d24ad2bf070bca49e169cf1d448e808010c4b92d5da6ec51ee349c7515
-
SHA512
e59a48d64f91a5ed6d74beeb140b6c81536fc861e97a74916c7b5089fd8c4fd456c0110484690d3427841e2178faab7d93fbfdb2ae155b3f56e7b1b0ef03ae52
-
SSDEEP
768:Asmh/YexxfAUdjo7tJ9+RSYPZNx19sNSgxBTzWtrJAQzIPFP:VuYeYU92pegTarJY9P
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
0.tcp.ap.ngrok.io:19744
Attributes
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1a85ffae7660a7147e364ebd73a5a322.bin
Password: infected
-
ecfe634b75153c27d0e4bcaf3bf931aca1b64189254c8e08ffb04dc603915a55.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections