General
-
Target
Injector2.exe
-
Size
327KB
-
MD5
3e1b6c00c152ecd0945df66e71caa4c1
-
SHA1
6b4e5c1646cac905034b740205f6003a73e872dc
-
SHA256
1bee8362e0fffaa161de96775b92a2b6be47e65798251d0bfd4b82d134cfbd89
-
SHA512
82a8682d63cb88e74667b9a4824e8d832aa9116fd8854e9debc0912ce1a5437544db213e363a6cfbf42bd5a1b0ed6ba4f622803759ca66e6ab50c4ad34b4627b
-
SSDEEP
1536:MDW2YGf/GEjNLTkAD5eZZerr+bhsFz08ISAkTO/2jxSZEsFGfFuAYCRAutPsAzAz:MDrYW/rka5Rr+bhsjItGOOj0j
Score
10/10
Malware Config
Extracted
Family
xworm
C2
rat234678235481254.ddns.net:4782
<Xwormmm>:3412
Attributes
-
Install_directory
%AppData%
-
install_file
Runtime Broker.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Injector2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections