General

  • Target

    redtiger.exe

  • Size

    132KB

  • MD5

    ee5400b9139644f8909689481516526e

  • SHA1

    43fd35c6e6318e03a87e6e038d2def520d89dc99

  • SHA256

    a15ce1055408e7c5d56a9b995d468191abd26ca30650f931a6861f01a3c51cbe

  • SHA512

    3d3b3cc859e0f03b0539cc2c3c23689d591eb02835228903df3dea207946cd40ab9d6a637461d778bdc8aedf3a7c38f871670c5256e1bf9e592d434e3655bf87

  • SSDEEP

    3072:F0ORdY5ue6RbAvgALcndk5OGiU9X6wKXdkEVMNQLcuqIWbTz75:FPe+b15ii+fUkaMyXnSTz7

Score
10/10

Malware Config

Extracted

Family

xworm

C2

192.168.56.1:80

Attributes
  • Install_directory

    %Temp%

  • install_file

    RedTiger.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • redtiger.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

