General
-
Target
Client.exe
-
Size
50KB
-
MD5
e8df0480a323dd3d1dd0c53d3ca986d4
-
SHA1
b10ff1455b6bd8ad713a9077bbb270ee2e3dc00f
-
SHA256
d3a28c1e26ff1ac7d09fb9580b1fcfa2724d27b95126a2b4b76c001efc5eef67
-
SHA512
647e00a6efc127de0cf0acf8b020462ac18b09e6200cfefc9c509713f0c5b663dd1d92644efa68e5069858eb88fcc1277cdb66cfda6c6457bff15e18239affac
-
SSDEEP
768:VmAIFq7ZrVakoY3wIEdvtAZB8T9SbsM2trgsmDFKniJbOWhWHuRDs:/IFqdVIdlZob52pxmDlOWVps
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
transportation-practitioners.gl.at.ply.gg:39133
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Client.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections