General
-
Target
e2a569f0f5168d11500b6e5f5c0ad0c900c45be7cbab68f0c354318123bf942f
-
Size
230KB
-
MD5
3db7f780cfc50d086820b95947a61e59
-
SHA1
d0d31e30bf5f0b39229fb6db2bd73a42ab61eb9d
-
SHA256
e2a569f0f5168d11500b6e5f5c0ad0c900c45be7cbab68f0c354318123bf942f
-
SHA512
36f184e595612b65563e8b578b3b319716e516d140aef7aa6afae786b036c77b0cc99a2a2cd94cbd548dcfcf82554a891eec0d0d7973a59be5e85606f172dfd8
-
SSDEEP
6144:y2lnab4waqIUhcX7elbKTua9bfF/H9d9n:blHqI3X3u+
Score
10/10
Malware Config
Extracted
Family
xworm
C2
154.197.69.131:7005
Attributes
-
Install_directory
%AppData%
-
install_file
crss.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
e2a569f0f5168d11500b6e5f5c0ad0c900c45be7cbab68f0c354318123bf942f
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections