General
-
Target
Obustro.exe
-
Size
82KB
-
MD5
b107fbdbd7e5a97172b3974216a78886
-
SHA1
410f9c227a901e2721fd4471e8a5069bd6af43da
-
SHA256
1ddab0ffb27f81d57aa99aff590c9a603157724362315228bd47914be4dbf6d2
-
SHA512
b7485652c502a95a258d106166419dc3679e8a69906b7634dc440db9fa3db506a1c5597024fa0b275b556dbce55f51877bfef6d779817a0c83f51395bc734de6
-
SSDEEP
1536:qih380x1gfPT9dOjquahM8+bEm3leW9Q6au4aOaQDb4mPMUf:NhVgf5EFWZ+bEmVeOcu4aOaQDb4va
Score
10/10
Malware Config
Extracted
Family
xworm
C2
19.ip.gl.ply.gg:45758
ads-enabled.gl.at.ply.gg:45758
Attributes
-
Install_directory
%AppData%
-
install_file
detektivhuedblyat.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Obustro.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections