General
-
Target
ftn.exe
-
Size
55KB
-
MD5
f6e133533877f0092d160c71e4383415
-
SHA1
707edc1aa2225f2ca20602ed8f00a643b87d7bb0
-
SHA256
6f57d9dbdc52092ac6e2507d7a663c11ca862c68a8212a8e7901ce75aab1c967
-
SHA512
5cc6dd824476fe867114739d63ec51fe0bd5c553d0afd62eb8bbc9968da53317ab26e8b90554d61bb6327165e316a03566c20229f26707964af591f73322c8af
-
SSDEEP
1536:v5gvz7i+OQUG0AA45RXWwR36zkbsG37MZkF/CtbgOvLZ:v5gypQUG0qXl36zkbsVYK8Ov1
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:4545
politics-challenging.gl.at.ply.gg:4545
Attributes
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ftn.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections