General
-
Target
thegreatestexploit.exe
-
Size
41KB
-
MD5
9eccd9e1aa21da6c6cf0a007fcfc4269
-
SHA1
65d6ae78141765fbd54a7f59374d33930e32284f
-
SHA256
113936476cb797d98afd7661438b380ed18e532cdc0631a4f77a61175adb3be7
-
SHA512
28c8d626ed8323cd374511d5c2ec45cbbbbeea335a7bdd4d33f3a10a7294dcba5e2323175715eebee9bc87d5a1a7a6750f0d007ddaca6bb125fc029b3f8fa0e5
-
SSDEEP
768:imrJDweBDuOkScrbsN/x6eqCAr43MpfJF5Pa9p+eA6iOwhG3/ubk:i0DwewicrbsN/YVRrtRF49IN6iOwYGA
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
build-self.gl.at.ply.gg:7479
Mutex
ZG5MD0yOm2zZUCXc
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
thegreatestexploit.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections