General
-
Target
6075c495785af608be891f8a322a00d7.bin
-
Size
14KB
-
MD5
a82c1973992c533ea5eb13f25ad15b4f
-
SHA1
7eb6899e049af25373dc94b5b28fd7d8ede06255
-
SHA256
7589e39231b84168f7565ea88860d110f451863cdf13fc6afd0bee9e3c723aff
-
SHA512
984cfc40a74f94e0b4aa6479983bf5bc1bb18a8cc843afd761939e088e92b9800557487fc7f14b9e36abbbbf456a59d00ae27b1b2ac8662591134cd2272b0542
-
SSDEEP
384:U83OeWeuxHH3MRlsy0m/txPUOKS7DA3YnygH4Om4HOzlHiF:ceWlFcTsy0m1xESAInjHOzMF
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.0
C2
181.217.95.27:1024
Mutex
5IZBd3TkHESwTbHY
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
6075c495785af608be891f8a322a00d7.bin
Password: infected
-
d3911a459d949e73cddd740a175b2096ab97a82faf6ead4d11c1c71710587428.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections