Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e5f8cfe6e345649c62e0841baf930dc2f9274205e0eb7bd8d90c9099967fc7b9
-
Size
68KB
-
MD5
8fe37834502c9cad2a3f4bc4676e16c2
-
SHA1
b094f4930779e4736faef853eeea262dc8708884
-
SHA256
e5f8cfe6e345649c62e0841baf930dc2f9274205e0eb7bd8d90c9099967fc7b9
-
SHA512
1c2ad55d9f75e4ddf3a3fd50f53b49b01e2d8a05333fca8c08444fda8a97d8f3245c1373703ab2eb3ec1267e41cb79dc0df66049c36ae255ab97cccbd690c449
-
SSDEEP
1536:MATJ3GFPtJ+fEnKZy4bkd3Th64OP/KKoKiR:MATJ3GFfcHbkZOP/KKcR
Score
10/10
Malware Config
Extracted
Family
xworm
C2
africa-panels.gl.at.ply.gg:36327
Attributes
-
Install_directory
%AppData%
-
install_file
svchost.exe
-
telegram
https://api.telegram.org/bot7097357076:AAFNLSm-3pej5b-uWHuJ42vA2ifmYBH-Apk/sendMessage?chat_id=6237826260
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
e5f8cfe6e345649c62e0841baf930dc2f9274205e0eb7bd8d90c9099967fc7b9
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections