General
-
Target
efd713bfdb34ef598e4eed861f6eb980N.exe
-
Size
70KB
-
MD5
efd713bfdb34ef598e4eed861f6eb980
-
SHA1
703bb532468ddde98549369d045cfaee00ee5afa
-
SHA256
84790fba6f00d77075e799800cd218fadb890cc6e02bed1655c0c330b0c1a338
-
SHA512
5b526019f8bb6d8e925b44c44d81b4c32624e52a7c4cf62d0a49611fcc2aefe0b2b90f06f928ddc7ee648c14513c92aafd3569c070d595731b951302b91ed25b
-
SSDEEP
1536:MCMSbVxqfgb1gR9yyMu+bfPD3cPbjkfi76E+Gb3Ondk19Z:MCMSb1gR0K+bfjq7+Gb3OdkDZ
Score
10/10
Malware Config
Extracted
Family
xworm
C2
22.ip.gl.ply.gg:20957
Attributes
-
Install_directory
%AppData%
-
install_file
Svchost.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
efd713bfdb34ef598e4eed861f6eb980N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections