General

  • Target

    NovaFixer.exe

  • Size

    37KB

  • MD5

    293437ce34542523e7390ed1f11163b1

  • SHA1

    38223d62298c542aa7bdd6904f1667154268d2a1

  • SHA256

    9413d92962245c903db46af3e7d14098b71a9ddf3c24a39c4f34656f329b86c1

  • SHA512

    35a79085038e0b6494674aaa13e358aadccd70c007a0eca31e8ff31e8025b86d3dec3e1aa35da4c0f3fce4e5b370841d023bb525b7a716e9347967b299460a5f

  • SSDEEP

    768:PXgDDJQVzM6rQpT5ISvXa8hPfn/Fs9xVJ6OOMh+3Y:PQHJ6zM6rD+q8J/Fs9xVJ6OOMsI

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

192.168.0.24:56094

dane1c-56094.portmap.host:56094

Mutex

psrt17lHHq2JQ44w

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NovaFixer.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

