General
-
Target
Rogalik client.exe
-
Size
39KB
-
MD5
5986a1b7b2672e2d55fad8398f2e5156
-
SHA1
bdcc406fc7f9741536be05c7405d4786911bf365
-
SHA256
5e3c9f34c7d4a3d98121988d0c3cb2049c8175e14fda99864b246dda80621033
-
SHA512
ba2f3c84e44bceb7086431e7fe5f8ae477eafaf1df707a09d1db6b62f16dcaf9ac228cf1049ef284cbdb4e18bef151ee59d8340d62428a9a4f93d3bc5dc7880d
-
SSDEEP
768:pHy/gfUevnMshwZsSERDPiKuukR7LX4TfFWPt92/M6cOMhPaBe:pHyCNv9hCPERbiKuumnaFe92/M6cOMZd
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
warning-accounting.gl.at.ply.gg:24816
Mutex
LmxtCcvlkJKjxGMR
Attributes
-
Install_directory
%AppData%
-
install_file
Rogalik.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Rogalik client.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections