General

  • Target

    FIX.exe

  • Size

    31KB

  • MD5

    cd6ba72f3236c5124626debe5e435d9b

  • SHA1

    82e14a72ed3dedc4cebf6798daa10c3a1dd57e2b

  • SHA256

    210ee227d5973f5e9efe284baa2e45ba8f5932964d002bc86c2f545191ab3ab5

  • SHA512

    1749153de7acc57fe06f6320320380c3d8d52c8fdc12b4b1f5b41a69dc25514a8a396ff2ba4e690dc48a2d6070b9e6bc7710ed2e67cc18b9b12aeaf2d51648b3

  • SSDEEP

    384:FrbnzlOq9luQoaeFZ9HB8/L8scCIJNWyekT4iR+gtFuBLT5Zw/WVVvK9IbVucxO3:0Rr08scBJNrepiZFV9yXOqhnbNw1R

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

football-essence.gl.at.ply.gg:11273

Mutex

iNqYeHd48y3uC0qE

Attributes
  • Install_directory

    %Temp%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • FIX.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

