General
-
Target
Bootstraper.exe
-
Size
61KB
-
MD5
da8dbf23dce23c5cf00385ae1494727b
-
SHA1
fc4ced0eb32d0288e897c1e29c20cd10ce721126
-
SHA256
ad8cb6f749b9d64c323b240e8fe66e6451e0413d7924afc0818e1d618e54c239
-
SHA512
af1de953b3c2a94564b2b95830ac258a3f4b035a095f39cef174099fdda83a3ee1e3276c88a53af0917a220eaf19b81c66ac405990b64e3ae13377a81a77ef37
-
SSDEEP
1536:/osbwaNK/6qdtX/4OXWQ4l2Mgcm9bqF2gcozx6HOSW+VW:dU6sx/Xj4InbqJdsOSW+k
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:25957
politics-eastern.gl.at.ply.gg:25957
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Bootstraper.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections