General
-
Target
8433f522a42b7954b0b99f0085046af0_NEAS
-
Size
60KB
-
MD5
8433f522a42b7954b0b99f0085046af0
-
SHA1
032c97ec1a733b04d60ee40d2823fec549972b9a
-
SHA256
3758d6c18cd6722582f8321af5ee743210a81dbe401ea738b43826b2a201df82
-
SHA512
ff691f248f5f48040b5e780e70fda80c610ac64a4b6541d4e2e12bab2d6534565a4c8c9a0c774e78110db8af7355cdfb062bdb51bf197cccb647b2cbd5d2b6f5
-
SSDEEP
1536:WRxfMCjAJJixSkBkhkbZtGRU/NSOjcq6ya:QxfMHDzhkbZtGR4NSOjcq6j
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:1117
Attributes
-
Install_directory
%AppData%
-
install_file
svghost.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
8433f522a42b7954b0b99f0085046af0_NEAS
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections