General
-
Target
24da489ea8a9ee7c2a48ca0ed426b84bf502a99e338333bd14aea94857d1dd0d.exe
-
Size
36KB
-
MD5
df39a037e099b52250fa01de2724ffc2
-
SHA1
af074998d2605989ce9ca949c8d38ef855018a93
-
SHA256
24da489ea8a9ee7c2a48ca0ed426b84bf502a99e338333bd14aea94857d1dd0d
-
SHA512
672f51a0cfac1eb763ae4c9fa1cf1be54867010fca368775ca03b724724dfaa7a332331fcd76c76716ac037043ab63e91d13ed2b522684375911cc3bd916bdc7
-
SSDEEP
768:+1KTDu6CiPkO+1GijHvFj9O0a6LOjhlfbBv2P82:+1uu6bLojPFj9xa6LOjrFePz
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
147.185.221.21:15927
Mutex
0hqt1UXAKYaXqkZT
Attributes
-
Install_directory
%ProgramData%
-
install_file
Relatek Xbox Audio game bar.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
24da489ea8a9ee7c2a48ca0ed426b84bf502a99e338333bd14aea94857d1dd0d.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections