General

  • Target

    Waveinstaller.exe

  • Size

    4.1MB

  • MD5

    824079c5d4a7d53d01aa58793fcebb77

  • SHA1

    7f462a45f71cb8f670c53d5665c4c09a1b2ea85f

  • SHA256

    897a00fc4b1282d01828017435f79cbbefcfcde857c85876200abace08c20605

  • SHA512

    7d85534478855d16b611f3f4f88a7054821e578347e67981178f71d28eacf770cb8b0c80f0f84d73558793220a2a04305c28a67514179d4283ad09585ad3587b

  • SSDEEP

    1536:7jjkn2cnKMExYSlUpWPPepgXbhPjyY1UIWQ3/3C76jiOdCUZKg:7jjLcKMazkObhPjyjQKIiOdCqKg

Score
10/10

Malware Config

Extracted

Family

xworm

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

  • pastebin_url

    https://pastebin.com/raw/sGaZ7csB

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Waveinstaller.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

