General

  • Target

    Nitro Generator.exe

  • Size

    77KB

  • MD5

    8bbf53c41f2625a3c4e608ad13cb2c55

  • SHA1

    3335287d42f6e674eb1d4465949e02d262bb8391

  • SHA256

    ae5a9dec7624bf30d8b8f9659dd6969973969a88933790fedff2f5717745e299

  • SHA512

    9c568dff7a8cbeb26997fdb17c7cc1c2a1fc3d060cf83fdbf1a5b994da8e04cf2e03a2f6a5406005d8edd77d3a497617f89c9cc2575b76c0ac0f0ceef97b60ec

  • SSDEEP

    1536:KRF0u1pqSjRVjnnsT5zYYPwRIH7I7AFbgwOLYP0og1KMwEnO8oBoRF:Kz0KprsT5zYY+IH7I7AFbgTK0omFjnOI

Score
10/10

Malware Config

Extracted

Family

xworm

C2

runderscore00-25851.portmap.host:25851

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Nitro Generator.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

