General
-
Target
47cf511490414b971467de3ef94f38118a1a12f3f8d1fe176781cda1df3b5310
-
Size
158KB
-
MD5
4f7141b2eba2b589b850dfd28a04ff03
-
SHA1
621382ab8e37d856f1854fed26c5e26653b2a7c8
-
SHA256
47cf511490414b971467de3ef94f38118a1a12f3f8d1fe176781cda1df3b5310
-
SHA512
1ae1b75459e4cb5920a2ddccdffbeadbfcca10b931d92bfb06e2c89a3ac32cf2f41e7abd311184cdbbd491f6e2e45e5513c55ff279c332f38446959a8aac2e12
-
SSDEEP
3072:P6f23HFWZcHNEbqgONUeBz65/M6If+3Js+3JFkKeTnS:P6ekmHNEb4xBt25
Score
10/10
Malware Config
Extracted
Family
xworm
Attributes
-
Install_directory
%Userprofile%
-
install_file
EasyVPN.exe
-
pastebin_url
https://pastebin.com/raw/yDh2MHWR
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
47cf511490414b971467de3ef94f38118a1a12f3f8d1fe176781cda1df3b5310
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections