General
-
Target
514490ecb8eb3efaa06c9cedc7cd181e83a961913d31c538b984ba5f6fc84259.exe
-
Size
77KB
-
MD5
9461c1b988b838dfcf7e696eb0185f25
-
SHA1
51450ed3bdeed7dcd3f0f1de5024f1744c67b481
-
SHA256
514490ecb8eb3efaa06c9cedc7cd181e83a961913d31c538b984ba5f6fc84259
-
SHA512
a2ae4c86555d4372677975e800d10b9313ba2479cd812ffca22bfe185818397bf34302058bcd3f630faa5136265a9e8a26981f261bcd0958a0a17dccba01e111
-
SSDEEP
1536:23tF2PmXtG6HYc8bbwttNpG9rbhDDnVxfetB6bRROBokf7u:Ct3GMYc8usrbhm2ROBHTu
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:41896
20.ip.gl.ply.gg:41896
Attributes
-
Install_directory
%AppData%
-
install_file
svchost.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
514490ecb8eb3efaa06c9cedc7cd181e83a961913d31c538b984ba5f6fc84259.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections