General
-
Target
TrioX V2.exe
-
Size
70KB
-
MD5
7efa216d9352b0f96e1e4a97076314ee
-
SHA1
13fbe18df0166561a487cffb1e7de500f08cd21a
-
SHA256
5bb23cf0b73d1b698f29cfe163d73725fcd71d89c260f151a7f72109da6e6f50
-
SHA512
9a619f652ca1effd815fcb4cf4b7e9295fd29cd787186dff3daec5f3ed1fb9d423b564c4f13f78c564162d47a99d2951e6826718f815a45f1b5e7c9ff6b05e79
-
SSDEEP
1536:Afb+Dv+OpTpeAf7hyvtDw6fbQ3QAQN9nO/kzl5u7:AfZOpk87MvtDPbQ3xQN9nO/kRs
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
147.185.221.16:14533
Attributes
-
Install_directory
%Userprofile%
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
TrioX V2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections