General
-
Target
c769ef621852a1cd8219c535827fcbce8ffb301eece3d34e8cf89db3e7452424
-
Size
81KB
-
MD5
48288bec5481f6f9cd06650bd69709cf
-
SHA1
9a5cf4bfe69765120a5150a8f8983afee07b7005
-
SHA256
c769ef621852a1cd8219c535827fcbce8ffb301eece3d34e8cf89db3e7452424
-
SHA512
b1df25415674e06b625c3385f5ddd17f37fb992c863fb48d6ae73316a0447c647a7ca602e92e15dc9905594c1f55b1fe6cf30346dbddf6603fd3b28e964f471b
-
SSDEEP
1536:CMbWRTlmZ6Zzevqkklj0D0VyQx/Sc/NbAqFaGaeo6HO90jz0vKc1:pbYZm0zUY0OLx/S4bxROS0v1
Score
10/10
Malware Config
Extracted
Family
xworm
C2
lot-feeds.gl.at.ply.gg:55815
Attributes
-
Install_directory
%AppData%
-
install_file
RuntimeBroker.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Detects Windows executables referencing non-Windows User-Agents 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c769ef621852a1cd8219c535827fcbce8ffb301eece3d34e8cf89db3e7452424
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections