General

  • Target

    4a29205d5c7853d089ed8faebc6d412f0c58f782eba05d70b2a2cfc7ee3e2500

  • Size

    75KB

  • MD5

    2fdfdc28bc8f362cc5f8c011d42d0a1e

  • SHA1

    67d6b431dfa75f02219dbee35c72f8d3636e21da

  • SHA256

    4a29205d5c7853d089ed8faebc6d412f0c58f782eba05d70b2a2cfc7ee3e2500

  • SHA512

    2694c1e44285d9e8d98e1b3762a6d83b27e4eaa0a5b71441e920154904aadde4b6d831c16ad573b2d978b57859c06d37f1eb8cdf48a4427489f04141c6bffb82

  • SSDEEP

    1536:rgc6J73fHqXWZ16J452BapyWhabisdvojWVQ8GNQ9t6kut3Ov9K97B:rgr7PlnyWobisslquxOFKVB

Score
10/10

Malware Config

Extracted

Family

xworm

C2

rent-pas.gl.at.ply.gg:25215

Attributes
  • Install_directory

    %Temp%

  • install_file

    NvidiaPanel.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4a29205d5c7853d089ed8faebc6d412f0c58f782eba05d70b2a2cfc7ee3e2500
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

