General
-
Target
2342551234.exe
-
Size
41KB
-
MD5
63845bc11b2cefa6f7a75448a9c0adb5
-
SHA1
8f1b8d4f2d9f76bd8d55711f69b8e4863a373761
-
SHA256
cdc465a0da49872025a0c0a347b166e61288b441a7b1ac6e699ab73dc015a033
-
SHA512
6d01157dc6e735aa487440600f7524a792e26184e7b903c4301c751cc3697674887e61e0743a5990436b0e8a057cf9470ede412652007c0c08f1fa60d0d11a5a
-
SSDEEP
768:GwV5gUaKc2YKjOpfJF5PM90vqWQ6MOwhl3EuZ:GsiUHjYKjsFS92qz6MOwb9Z
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
if-shuttle.gl.at.ply.gg:21098
Mutex
oKNw8pYTKmPPPNxx
Attributes
-
Install_directory
%AppData%
-
install_file
2234.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2342551234.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections