General
-
Target
7чит.exe
-
Size
35KB
-
MD5
c72cf3322b70dadb2eabfcdb7ecd9816
-
SHA1
ebc7fda12492d1c6b81d140b704933040c641be6
-
SHA256
2ba67cb3b309ecc5faf5705af16304b30a835c851aa59b1a05cb969c56e8b35f
-
SHA512
36aa399d640218d3f69c6298cff3ca1ae129748dd0cb2411f61e863417bfa70aaa7ddfc40204c0831afccccc5089f9408a6274b557fd557283629ee2e0fa7a5c
-
SSDEEP
768:AAcLODKXA3+jEwCSjN82KJRAxFk9AI6RO/hzbGK:AVLIzT0wRqFk9AI6RO/JaK
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
master-accused.gl.at.ply.gg:53160
Mutex
tqjmUOGVXtXXs6TJ
Attributes
-
Install_directory
%AppData%
-
install_file
Runtime Broker.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
7чит.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections