General

  • Target

    ыфвывфвфыв.exe

  • Size

    72KB

  • MD5

    0dc0f82e01691161e1bdf90b0735a1e7

  • SHA1

    e0f3051bf3a6d51c5d8229a8787024f8be5e4c67

  • SHA256

    45ae311727a25c3dddb6d20ffc15003697564f776a2d1db59a9b7c61d2fbf03b

  • SHA512

    8a9c54b46fcdfa491da37236d4392d30773e7781b17cbf29b4087b604edea06e3435b27690eea27c68d351c9a85d3f1d27a13cbdda1c86b7f83ea1066c04e414

  • SSDEEP

    1536:9XWLvujp9SeuA6EDGiOtkbZppmu6PLmOx/dM7mApiO+1JUZ:oLvUFuA6EDAkbZqDmOx/dMtiO+1JUZ

Score
10/10

Malware Config

Extracted

Family

xworm

C2

mother-boutique.gl.at.ply.gg:5525

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ыфвывфвфыв.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

