General
-
Target
Updater.exe
-
Size
38KB
-
MD5
2b2cce0673331a90c6dddccaceb9e988
-
SHA1
6e918fb08ecfe87cc1e5bbff3ab5b7942042e6e9
-
SHA256
7c4aae140b363b573fef57b67376c8008b737ba5eaba96067ad353f577d7dad1
-
SHA512
689b9c5fa5a51dc957d013ab4d1f4a6e1ba4ddbf0f8d1a4d59b08ba97c9d62509856acd39cf0c599fa8c15351f35f7478cf3b18036fd0b82ab3a69a0b97d08a0
-
SSDEEP
768:JPDWCCqClY9UiX/iBrEvG3GXFyc9Bjh6OO/h2DEnlL:JPDWPleUgiBr7IF39xh6OO/HlL
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
16.ip.gl.ply.gg:52773
Mutex
I5cd1zmmwU7ZiFTy
Attributes
-
Install_directory
%AppData%
-
install_file
taskhost.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Updater.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections