General
-
Target
8b443bbb8ce11c42914085dbe7580c8955a0aa734f6e16b16d59ec75b2dbb4d2
-
Size
41KB
-
MD5
8ae8b784f559521a967cfcb5a547c01a
-
SHA1
c5357a9a78df365346bc79d0c264c9afc7d3dbb1
-
SHA256
8b443bbb8ce11c42914085dbe7580c8955a0aa734f6e16b16d59ec75b2dbb4d2
-
SHA512
8290cc7e00a1a5283f14eca3b23360f752fcf83d87f5c251afba2371f28c72e6beaa59300c178cfbce6881dfb30bad3eb5c6fa3108d4392d5a1706338173d853
-
SSDEEP
768:oreDweeLOoHdSgDder3XvgggzLJF5PG9pmLj6vOwhH43EizD:5DweQldSgDIjXvvgpFI9ALj6vOwqFX
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
147.185.221.18:42996
Mutex
SLopAV8UrbGFfVlc
Attributes
-
Install_directory
%AppData%
-
install_file
Windows host process.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
8b443bbb8ce11c42914085dbe7580c8955a0aa734f6e16b16d59ec75b2dbb4d2
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections