General
-
Target
cheatpenka.exe
-
Size
38KB
-
MD5
1f946fb3c0f9c51c4c85947946aab2e9
-
SHA1
aa6b3c1865f99cbe85ee864369b42524649f7b2a
-
SHA256
68ad8b5814fda8e069bc2fb1c0cfd4edbaf3cbb1da5282db6f7584620a7fbe98
-
SHA512
f5b6d194679797585e5beb0fc5a41353a6401bd763c976247d4906b1b24749612c8afe015b0e15c6bbd9f1322f268fb9ec6dd42d4767e97825765498db083706
-
SSDEEP
768:38BZe3YbtdaHDNzm5fLja4s1nP7FWPA9xGxtRBOMhUSakS:36Ze3YbajNi5fsFJ9xGxtRBOMxpS
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
127.0.0.1:20786
l-critical.gl.at.ply.gg:20786
Mutex
NUjH6vRCnBvFSIf8
Attributes
-
Install_directory
%AppData%
-
install_file
System32.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
cheatpenka.exe
Password: 123123
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections