General
-
Target
Port.exe
-
Size
39KB
-
MD5
485f7a794cc57deb9a727d57195b08e4
-
SHA1
61a6069d7f2ff945f2eeebdd5720fd8b45dced3e
-
SHA256
7be7fd00310e6479b5a90b19505bf93d401788d20eae43361239f52e45ae5588
-
SHA512
4946a9a0241ab1b8a9b6024699eb1059e43a36c9dd130e24c9b446f6f6c1374b9913fcf29df5a01444a92e13f5bb03a96e9895b19cd1de20fe33fa414bc54153
-
SSDEEP
768:cu16bvArWN+BpJSVQ/rzHniZ8HFQ9+z/6POwh4brg:D+vArE0cS/rLn1FQ9+z/6POwOfg
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
178.215.236.74:1600
Mutex
SUirbFbdUa9l0mtk
Attributes
-
Install_directory
%AppData%
-
install_file
Desktop.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Port.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections