General
-
Target
RobloxHelper.exe
-
Size
87KB
-
MD5
1a42e1f991c88c6e9a0c551b579121cd
-
SHA1
241b26a18daff36bf8f0ff6e1dd3efc0096cf197
-
SHA256
3036c7282a83059cc08cda62ae7cc80189b8ff259cbfff0f74ebaa9eba2d7bce
-
SHA512
be972d3fba6a1a235ca8b685339f39e8d4241d6a60cef3cc1daf029bfccf0b06bec396936b15212dfd5f507ff49552948cfb0c08f1f9cfec6e60203b969bdb99
-
SSDEEP
1536:wdn79IxWPvqGASa6zlUmoZN8ic+bhGtk8goILptPy60BIHOC3OzhCaBdS1EAd8Ir:Ke7Mzy/3c+bhGYzpVABIHOC+zt7gEA6o
Score
10/10
Malware Config
Extracted
Family
xworm
C2
bay-cf.gl.at.ply.gg:20819:8848
147.185.221.20:8848
Attributes
-
Install_directory
%Temp%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
RobloxHelper.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections