General

  • Target

    98936b1a7f4528484d339d9fd7d50e00a14f4fbe55008290eb16f1628585da64

  • Size

    37KB

  • MD5

    d67fbbd03ca764910f6700a26291962c

  • SHA1

    234065b6eae90cc6e4f7e600d60ded9ec0baf21a

  • SHA256

    98936b1a7f4528484d339d9fd7d50e00a14f4fbe55008290eb16f1628585da64

  • SHA512

    029b090f55c13493731ff0aed14f4e54cc005877e2a37a8e7e7a63f4e5a8d5dd2b4260746829b050c6dda3e808220720ed3ee9e8247765bd868fa91152fd50fb

  • SSDEEP

    768:SwX9XtyDkbZ+VMSQkjiBP+aXaFF9W0zLtu6sOrh9I7yz:n99yDlaHJZKFF9jc6sOrvH

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

daddy.linkpc.net:7000

Mutex

7XYtWwylIhsrHJKs

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 98936b1a7f4528484d339d9fd7d50e00a14f4fbe55008290eb16f1628585da64
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections