General
-
Target
Windows Explorer.exe
-
Size
243KB
-
MD5
3e9451ae259859ea8a836bb14cb9ecab
-
SHA1
10188e879f2c711ba7282d8bef5c0a7196ff6434
-
SHA256
33ecc6af3e32bed78d25f9c26392de2e51172e3e8a1e0fb09ce4a97c8b57ef84
-
SHA512
01cd415dbb19580b6b6187dcfafb00600eb6f99ca78fb5f2d32f654562b519f4db8bf740c4ed2c0ff1b75c0957e0e27dab4facd5c1b77b1f5676e739072f8358
-
SSDEEP
3072:1rd1FR9xXOM9+mwwWwwwwwwwwwwwwE/PpbqQwBBBBBBBBBBBBBBBBBBBBBBBBBBl:15LR9ZwwWwwwwwwwwwwwwE/PNqCSF
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
fee-harmful.gl.at.ply.gg:41934
Mutex
ZnhrHhM9GbtLdrxd
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Windows Explorer.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections