General
-
Target
123131242445.exe
-
Size
41KB
-
MD5
5cf830b5b18f2a1d098ae1e5ba1c2126
-
SHA1
eaeb4cc48d4ac72b2c2544b2f51d63750619b66d
-
SHA256
f8245488286ed68f7b978ca0a54d8687121c64538998c95e5e3e87b8c79e5b35
-
SHA512
a0391744165dc49d905d5e9f9fa45c58bf47c803bf53ea03cb2501314ecd105249ef6f6c0e91f7dfc51d07bdf9981754d7b5c2e3a513e7639fe09509d2de44eb
-
SSDEEP
768:RwV5gUaKc4YKjOpfJF5PM90v/gG16MOwhC3Eue:RsiUHFYKjsFS92B16MOwE9e
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
if-shuttle.gl.at.ply.gg:21098:5051
Mutex
jbP4JcROJXgkNh3x
Attributes
-
Install_directory
%AppData%
-
install_file
2234.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
123131242445.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections