General
-
Target
mod menu.exe
-
Size
76KB
-
MD5
88123e7d452bf7607be7b24547b1d532
-
SHA1
2867e62e748b4a050a381fb1cc7ddc5f266422d9
-
SHA256
884814bb4c1b516c7608c7a8ef3356e7459fc3afc44d6dae8eb96fa87d862b13
-
SHA512
c6a7c3dd9c5314d2e6a06167eb514698210d0a11aa2cc218e289a1557ef60e290557f9fd585ea5c4ca70cb849d01e021dd559668c60eb6044a4f3dc87885c1d2
-
SSDEEP
1536:AqnnFRiMQwuby6Nlqxhtv6qi29vekb3dTXmUniE2G6j6ZmOSqGqkWo:hnFRWjfqt9WkbNTXm+2H0mOSjqto
Score
10/10
Malware Config
Extracted
Family
xworm
C2
t-abc.gl.at.ply.gg:29321
192.168.1.45:29321
Attributes
-
Install_directory
%AppData%
-
install_file
windowshelp.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
mod menu.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections