General

  • Target

    LpHuEOBePyiJA7ptBDaShyFywik3eLZcBtfBbJky.exe

  • Size

    83KB

  • MD5

    5cacee3c6ddb0f97d708439e0dd4488a

  • SHA1

    39db4ffc10506a07c7e4bd99a88186e0b295b9ab

  • SHA256

    e3d3b17792640e70ba0ab4537053064185e6724c3d2df7600157843febfc9d1e

  • SHA512

    00ead953ae2e65754b9c8ba466b0717ce5aa5ed24754d74d95a1bbbe128c088d02f8e2477006b8296634e92ea67b5bffe7b59e85cde23951377c921469272ed9

  • SSDEEP

    1536:CP6XDPPnQSAgIfZfGUq2A87EZ3bG2M0LjiVY/V33XOlN7W/DVqN:CYgOIfZOUdkZ3bvJyVYh3XOlN7kDu

Score
10/10

Malware Config

Extracted

Family

xworm

Attributes
  • Install_directory

    %LocalAppData%

  • install_file

    svchost.exe

  • pastebin_url

    https://pastebin.com/raw/wrHXjRMP

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • LpHuEOBePyiJA7ptBDaShyFywik3eLZcBtfBbJky.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections