General
-
Target
NEAS.98493d1be8cb7bbbeb6e1dd8875f28a0a9b7e559f64edf83ae6d7f3c5cf962ff.exe
-
Size
30KB
-
MD5
386f066c417fa04b1d6f94ac81f1be6b
-
SHA1
c05b7c2036cea1281020036b67f8cceeaa247296
-
SHA256
98493d1be8cb7bbbeb6e1dd8875f28a0a9b7e559f64edf83ae6d7f3c5cf962ff
-
SHA512
d957575a71e80a7e577bc24d9f63507582c6bfa018d00ee0170ceaf5735e9e15087b2082d1c9bc15e92b58f5a07b45745811804b417cd9886178296f89e2d20e
-
SSDEEP
384:veAwIGmeffcbWICWv/0ILZGPc20hYACSqRN9PD42uRugtFuBLTIOZw/WVnvn9Ik:lecbl/b32MYAoRN9M2uBFE9REOqhPbF
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
127.0.0.1:3060
Mutex
N5a5j0hrrFQtv91G
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
NEAS.98493d1be8cb7bbbeb6e1dd8875f28a0a9b7e559f64edf83ae6d7f3c5cf962ff.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections