General

  • Target

    WaveInstaller.exe

  • Size

    1.5MB

  • MD5

    f5fa3bbae478bec04b332f1231764d6c

  • SHA1

    770f7d1a4b7b93c984a2744e8a7c9c333af55973

  • SHA256

    5cb0861ba6d5e3d785945f05a2072a28df620b982949b39ad1b0446159dbadb6

  • SHA512

    a455690db82a0637f2798f2902bcb36ad4df53de4404f5cc77f0ef06abaec450ad931283ae83c2c1cc49ddb7707e68a14e0f5ce0ac32224f1fc7beea13cc0ad4

  • SSDEEP

    3072:fS/Og5u670mbYxLISXVOgsbK+IAsqezF5nIHPGIj9lua/Obw0hFv2PCWpIdn:pg5uY0mbY6WIprsqeSTunbw0/5Wp

Score
10/10

Malware Config

Extracted

Family

xworm

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    USB.exe

  • pastebin_url

    https://pastebin.com/raw/a1kmrNub

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • WaveInstaller.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

