General
-
Target
scvhost.exe
-
Size
57KB
-
MD5
537e20d0bd38e5dfc81e3860f6411f84
-
SHA1
07ece1eef363df3cc86930f1e33c13a14a958e77
-
SHA256
17a70a3c722853725bd02cd6b33506f579bc4521e13d2a8e58e4da76c28051fb
-
SHA512
4c90bbc98cd914211c812acf93b0f9a538edc770d8d7d6a540f0b5ad3e539e9985cd4904ef4bb55d8cde806f99af00c6e36b1acfcdfe8cfc91c85b6cae50a127
-
SSDEEP
1536:uGm8GlukEnn9c6s85N7QFkboLdE1r0td3nZOLkG:z1sEnn9c6s8n7QFkboLu1Itd3nZOL3
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:7425
accommodation-wendy.gl.at.ply.gg:7425
Attributes
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
scvhost.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections