General
-
Target
ZeusCheats.exe
-
Size
84KB
-
MD5
c5dade98bf682d23d503574894bbf8d9
-
SHA1
f84c625bd4a2046682e3fd9821c06dccaa0c13a2
-
SHA256
e5620a7a4801062a92ed47c3495e14247de7e1bbb03ba68197817d4650dfd1c3
-
SHA512
f80239a7605694fe61fad837d26c99680fb7e9d0ec79745d76153099ba08783521586bb415d5ee8b741d5374e97d4608af24e77e5d5653b864e805c4db4e1fe6
-
SSDEEP
1536:O6f7TFDYv7KIbpfkztDF1Z96euOCwGFuRLIb1XmRyx9d6nhORiQLwtKQ:O6f7TN27Kwpf0F1ZMeueqk0b1XtYORiP
Score
10/10
Malware Config
Extracted
Family
xworm
C2
remove-disorders.gl.at.ply.gg:8848
Attributes
-
Install_directory
%AppData%
-
install_file
Update.exe
-
telegram
https://api.telegram.org/bot6209596280:AAGzPbbZENJ51WwWxsflkjFkLcG1UCaw6IE
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ZeusCheats.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections