General
-
Target
4597cfda7c207de66f7d4c09ec509270.bin
-
Size
19KB
-
MD5
0eee47952e30970571bcf4117d09dd6b
-
SHA1
48e5203e3c7e9bda28bf1418439673fdd3901314
-
SHA256
d904a007e27230e1363fee892ac8172ececf96d97c6ca25772b7e6f786b23495
-
SHA512
e34702dfcc2e3340768d1d79f6075e2ded4a7bd3e27d02e35a3e7d779e2934e797900b4e36f1ec0b95278e8f500b3a2847ccb6aafa05c27e19c29f72eeecee08
-
SSDEEP
384:pvcgF9ZPAH7dJz5SDMEHmXvrefS1Co4DfSkD3TVnfw3Vvjpn9:tF9ZPAH7/iGXvCfS0JD6k6lH
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
usually-carolina.gl.at.ply.gg:5041
Mutex
y68FICsbms72xDoX
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4597cfda7c207de66f7d4c09ec509270.bin
Password: infected
-
60804fac251fabf3531dce8797bcb197d92c24c9244033534ce8df3752202832.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections