General
-
Target
07ecf0ee68a52e1783da654389f5adaa861b5e7cfff04cbec504e721cc3a11ad.exe
-
Size
41KB
-
MD5
ada4045ee6399dc5733826a4d7e43a10
-
SHA1
5184959ba1eb9034df44fb309be3781cee9a3d83
-
SHA256
07ecf0ee68a52e1783da654389f5adaa861b5e7cfff04cbec504e721cc3a11ad
-
SHA512
8987d6809bb5a8f9e94c35115d86cf9de6b1b3ee732e10338e38df33f2608954e6c5a61024ddcd7a833861aea0fd2aec94670aba529b73928031854fc39df1b0
-
SSDEEP
768:1KjSON6U+0VT7OWCCKUS0BMRjJF5Pa9pmA6vOwhy3/+zc:1gStUJVTa1nFrtF49AA6vOwg2o
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
156.225.129.202:7000
Mutex
lUhImY84qBJOkvuH
Attributes
-
Install_directory
%AppData%
-
install_file
crss.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
07ecf0ee68a52e1783da654389f5adaa861b5e7cfff04cbec504e721cc3a11ad.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections