General
-
Target
1708337887ec41b10f7a4117a97456d582dd8cf7410e0c0b39024a0d71b84aae88472d89c6331.dat-decoded.exe
-
Size
35KB
-
MD5
1a2b23fd06525561826e61fc104b66d0
-
SHA1
1c466e09b23febee0b6e250f73ca9c8652e8a722
-
SHA256
10875f69e0911f8aced75c992993d60e1f5e38a1de53fe63436b7913ffccaa24
-
SHA512
5db2106cff4fb1fc7ce1cc5d54c0ef4ff2b2ee27c1fd6e61815e0b9030a16a7e2e42817191c83e92f712ecbb8c2e9b0e6d97a4b799f0cf813958d94ce7b29909
-
SSDEEP
384:Bgg9j00WbqxAMTayV5N+5maFZZL3aepJm3/KNm0ns0VgtFMAmNLToZw/RZCvK9Ig:vB4QBTOl3a73CNUVFQ92hOMheuvlu
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
febxworm39090.duckdns.org:9090
Mutex
p9scRtac5fAAiDhG
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1708337887ec41b10f7a4117a97456d582dd8cf7410e0c0b39024a0d71b84aae88472d89c6331.dat-decoded.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections