General
-
Target
80970f6228f203edc6bd4d48904e6cf0_NeikiAnalytics
-
Size
88KB
-
MD5
80970f6228f203edc6bd4d48904e6cf0
-
SHA1
b2866a641db4c7aa09b398e236f75c806e7d99e3
-
SHA256
98c5b911660f6c00d1357d1827e4fa6e47e760c75a60ae1526178d6e8b7ba146
-
SHA512
e96211d0f4e36fa87ee6bc68772035063de81baad758b404c32d0fa531036183b0a8c81a6e39a88204fe1dfd2afc33ca4b3eb18cccb4f46ee7a94af8c1837cab
-
SSDEEP
1536:Me9EkOiQLAItDSwKvQckXbYjQsiLCtu6vj9BsdHO5gsSIaZoGTWpGKCnx:MeCyCNY8XbYjBBwO5gsnaZoGqQn
Score
10/10
Malware Config
Extracted
Family
xworm
C2
hydraforce-45677.portmap.io:27985
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
80970f6228f203edc6bd4d48904e6cf0_NeikiAnalytics
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections