General
-
Target
5e6d3250854f36bf7aaf32a29f1733b18daa555581dcebe630db34c24900b216
-
Size
77KB
-
MD5
a36f89febda5471a5b60eeb81b1b7d2e
-
SHA1
ae96c97a6467b6786f47b9769ccf93658629f026
-
SHA256
5e6d3250854f36bf7aaf32a29f1733b18daa555581dcebe630db34c24900b216
-
SHA512
20f518d0ff0ed6cda7d8f7c471abf60fbb691e302377421f3730a1c3d18f9e3fc84f2f8fe3c9ac3d11abc651a041bd0b75bc736fd683a239fd1866c6e51313e1
-
SSDEEP
1536:eJg2O8KBf9hV8dJoso30banU0NSEb6eMI66ZOfL3b7fdAX:eCp1uos20bWpNzb6+OfrbqX
Score
10/10
Malware Config
Extracted
Family
xworm
C2
pa-nitrogen.gl.at.ply.gg:62957
Attributes
-
Install_directory
%Userprofile%
-
install_file
svchost.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5e6d3250854f36bf7aaf32a29f1733b18daa555581dcebe630db34c24900b216
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections