General
-
Target
6cd378a5a54be5f9d3d41630c7f6e190N.exe
-
Size
38KB
-
MD5
6cd378a5a54be5f9d3d41630c7f6e190
-
SHA1
6982b5a984a736681595e948ad1a40d25544c5db
-
SHA256
5e870fd7581fb8af541079eb434664128f226a0b8b22bd330150781e62c092e3
-
SHA512
3269daf8edfd104442c4f4427bb979325f02e10395bf9e109bb5121259bacfd4d6db1d514f7c1aae36ae2ea5ebaa0c3b5878c4cbf32c5487cad194d892267e87
-
SSDEEP
768:ZbDb8jaPrNaTcgpX4O4rf328RjF5Pn9fr6GOMh4IC0Cps:FbtrNaTcgpFq3PZFV9fr6GOMJ2y
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.0
C2
prev-syndicate.gl.at.ply.gg:44090
Mutex
78TjhE8iNofCM2a4
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
6cd378a5a54be5f9d3d41630c7f6e190N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections