General
-
Target
9858b58784c5c31cb009b460f358dbe0N.exe
-
Size
59KB
-
MD5
9858b58784c5c31cb009b460f358dbe0
-
SHA1
4071b7d709faf8e420a8f42977c99fcf40fd5eb2
-
SHA256
1d9d5421af5c484e34ba49a9a7ec61e1dfdef6c41b0017ff761342589dacccfb
-
SHA512
ceeb63003184857240e1a670cbea6f8c469dfc134f066f771944518a3de32550877032661d14bf8a11c61b6445d35c9658be619d1aa35841c1ee6c723b439167
-
SSDEEP
1536:5gkAOwHZCiQnb5k0wLCzlcaH9nSHi9dS1EAd8IIu:5QYnb5Cuz9SHi3gEA6IIu
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:43771
y-drives.gl.at.ply.gg:43771:43771
Attributes
-
Install_directory
%AppData%
-
install_file
dllhuy.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9858b58784c5c31cb009b460f358dbe0N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections