General

  • Target

    dialer.exe

  • Size

    47KB

  • MD5

    ef3e144f0e5363a02fc4c2b97daf5f03

  • SHA1

    a7eb658841f017b744ddfd642c4b59d152105ffa

  • SHA256

    5a11c6fd65e1ab36a8a9a5defb37c256a57c33fda13369fb423c672026183729

  • SHA512

    07f1425568390f8c86f5cf3c8a6ac114a7258305c852b423a5569539cdeb327479f72d380f8d3d5b397af147e3911a7479e828e19ddbcd9b1b0b316579479322

  • SSDEEP

    768:GOOj64yL5uG8DRLpsTTJXHRrHiQPLx9QciPmhLOk1gXz:WjVMmF8hLjx9Qe1OBXz

Score
10/10

Malware Config

Extracted

Family

xworm

C2

runderscore00-37568.portmap.host:37568

Mutex

EmwE6YqWGiYwqmxo

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • dialer.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

