General

  • Target

    ImageLogger.exe

  • Size

    62KB

  • MD5

    3e4d628210b6f2c3a96092203ea5c2eb

  • SHA1

    6fd276cca9cb5e1e9c19a0b2f6026515ec6f1b0e

  • SHA256

    5175b805ea8db533ac0b0153899804be3dd8b5151185ef5ef4614ce01f8acbba

  • SHA512

    626ac7fe79f1b0dc5e8295831ad068cdef9d763ed2aeddaeb38d1de9701c0b4b04931dc2c98d4eeef89246c61dc06d8a3d81248f3eeddfdf8d9ce0db70e72b66

  • SSDEEP

    1536:6V+SsoFh8ikwJgL62SiZj4GbXQdFlCH6EEg66iObIOD:6bf5RJP2zZbbAd5WiObzD

Score
10/10

Malware Config

Extracted

Family

xworm

C2

sebeee-39917.portmap.io:39917

Attributes
  • Install_directory

    %AppData%

  • install_file

    RuntimeBroker.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ImageLogger.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

