General
-
Target
9fe64529733d8081d761fe73bd8bd050N.exe
-
Size
40KB
-
MD5
9fe64529733d8081d761fe73bd8bd050
-
SHA1
59169cc1b747d152ed63585c8647802b3a7eef5d
-
SHA256
0b7939ef0cb642e0f04d2e7480f00499a3db156aeb173f081887580f651b9e75
-
SHA512
580319387c189f37711ccfc881840f7071d9e94dcf591364134734696e44fc447f94cb55040eaa91b093af20c033719ef7c7e480bf85db7adb2de9aa7479fb2a
-
SSDEEP
768:pNfPMSk3K/EzTb/0X8WuFZ4ZJF5PC9O9SL68OMh23/aZ:nf05a/CTjS89IFc9USL68OMsK
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
154.197.69.157:1433
Mutex
V3fxvi2xf7WP9bW6
Attributes
-
Install_directory
%AppData%
-
install_file
crss.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9fe64529733d8081d761fe73bd8bd050N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections