General
-
Target
XSetup.exe
-
Size
49KB
-
MD5
7b6b5c3e824d014509255e1050ecc97a
-
SHA1
fdb2012b7360a09ecda264e0b9ad0615ca610a39
-
SHA256
0a1bc96baffd86b60245572ac86f4635bf48e50e9cebb58f2ef58ddae79349e8
-
SHA512
9fbcf02d5a60e4549337caea48aa4189be828529536b43d9ec878e1021e75b51482b417e3b5d9931c24f84bb9400355f7243368f40a50604f1716d6b962890dd
-
SSDEEP
768:P1wDRCD36ONpBR0U8vVJwBk6ukKdVC3KwIRTdQLzr9958+tNeX/s:POIDnjBRUIOWOzQHr9bas
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:2222
Mutex
pJK9xKShqR0NukI9
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XSetup.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections