General

  • Target

    setup.exe

  • Size

    73KB

  • MD5

    9003126cef8cf36eca17f1e51eaf8394

  • SHA1

    6f7941dc4c5bb1818a519482537ea231e4ba8ab8

  • SHA256

    ac30d7a03c46c90f1f8270ac6dc2a7001373b2b16567d7753f174fd33c047ed2

  • SHA512

    eacfc7a4030cbaab1926d660b5ea2fa69d9ba2e18bb690822bab474b9fb296d49150af25a8565dd51ad3a4d4da648e365610969829835d480fce4e16b0285dac

  • SSDEEP

    1536:mPN8fc4tabwG764lxyTfogb8cCijEnxH8w6nNOON3c7G:UN8f9abwGLHyZb876qWVNOON6G

Score
10/10

Malware Config

Extracted

Family

xworm

C2

sebeee-39917.portmap.io:39917

Attributes
  • Install_directory

    %AppData%

  • install_file

    RuntimeBroker.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • setup.exe
    .exe windows:4 windows x86 arch:x86

    Password: code

    f34d5f2d4577ed6d9ceec516c1f5a744

