General
-
Target
f4deeaeaf6a4173c46ef5df50139cd54d144dc0cc0d685b2717c1590cc8b1b1b.exe
-
Size
57KB
-
MD5
8017a1bc98f4fdb536bef45a99951805
-
SHA1
d0896c713baa2873bda66c77469763c95dad7248
-
SHA256
f4deeaeaf6a4173c46ef5df50139cd54d144dc0cc0d685b2717c1590cc8b1b1b
-
SHA512
4a931e8ed6a3d5e547c4925b026d46be660f33b5c427721032df2ca5ad380b3e1abf215355fef911bc148784d4acf71c2e8ac4b729e6c4700cf8a2325a3b2152
-
SSDEEP
1536:mMA5VMU4wbWW8C5BkbvGoB264yLV6gQOXQz:mMA5VCwbWHkBkbv9gA0gQOXK
Score
10/10
Malware Config
Extracted
Family
xworm
C2
publisher-misc.gl.at.ply.gg:58207:58207
publisher-misc.gl.at.ply.gg:58207
Attributes
-
Install_directory
%Temp%
-
install_file
RuntimeBroker.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Detects Windows executables referencing non-Windows User-Agents 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
f4deeaeaf6a4173c46ef5df50139cd54d144dc0cc0d685b2717c1590cc8b1b1b.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections