General

  • Target

    Nowy folder.rar

  • Size

    15KB

  • MD5

    6c3807806038037b3e3b82cc6efbec53

  • SHA1

    1cf8e12dde2eeadd2dce06500a12de428e7efe5f

  • SHA256

    77edf1ceed2f7c282f920595a492c9b7d11c5a0d5c18d71b987a65ad76e01002

  • SHA512

    7d32c93a870d24745e74c1f286cc0ef68d6262c7df5731e4f5fe739e0ff166d89e8772e54df7f2a6154f1aa96b9b12fdded77315dc2ee6de5d3aaadd545a0d75

  • SSDEEP

    384:Ayzln6VBzNKkCz1ePpwBwZqJH8cILDKCkIY4:wNg7z1IpUs5rfKCBZ

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

172.21.237.205:1226

Mutex

meFdKE9XCS96JEbt

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Nowy folder.rar
    .rar
  • Nowy folder/XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

