xworm | lacks[.]py[.]exe

General

Target

lacks.py.exe
Size

44KB
MD5

c5b1a6040033863fd8bfdd5228e18f52
SHA1

e5d722229b5763e1696c0050c03c1bb3e10a985d
SHA256

fcbd4dea80c08ac6b4a9900063cd99e09d0d0ebd8c1f3121aaccfa0633a40dcc
SHA512

bb8e5e1828fa63ee0180977bd3b2c3eac913545d39f275ae4fdcc8edeabd5b24bfbce6fd66e766b7def9c514f12c5ca7ee4c277d300beba60488733df725f265
SSDEEP

768:c0yUbkms0JqxXAsvf1f3okU2jCp/J7X+F+R9pPb6vOChzbWL6f:c0/bkt0JqhAmfR5U2jG/FOF09Rb6vOCh

Score

10^/10

xworm

Family

xworm

Version

5.0

C2

coming-park.gl.at.ply.gg:2444

Mutex

K7NSFqXjepnC2GKu

Attributes

aes.plain

Detect Xworm Payload 1 IoCs

resource	yara_rule
sample	family_xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
lacks.py.exe