General
-
Target
Defender.exe
-
Size
36KB
-
MD5
fed1dab590c168feb616813a7ac20c8f
-
SHA1
ffa660b1d0f8d7f1d4b9b30e415c420b13eccd6c
-
SHA256
5fd21480e11193b051e36cc259c226313d68bdf0b688b9ec0aacd9a36500c660
-
SHA512
e9af3050325c494bbe32bbb6e6acb784bf3af1031edaaeb8f8998e17c43b71ed320de391f7dcfbdf20da4255cc4092e0d1547b92cfeba12844291ab27c016c81
-
SSDEEP
768:oLAz8nG6Hu51L8Cjuw9FALFyn9C3OjhYD2h:osSG6cj5aFU9C3Oj1
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
making-oil.gl.at.ply.gg:27076
Mutex
g0NPVjtEQldQRbKS
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Defender.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections