General

  • Target: NatroMacro_1.21.1.exe
  • Size: 158KB
  • MD5: b58d2c1a2f6a201a728290eec00c8a3b
  • SHA1: 5fb16485ee1e9c57b1d5025d58772cc4b8816c78
  • SHA256: fb95f5794977ee889f82cb0720e65dfd4af77576b1a321499cd1b94322b1902f
  • SHA512: fbf6d2e9b3b1b8c1ead35540d35f5a434c9ae87b4edf60a8ea421beabb3cce055a0e03141cdd5cf777a5bd7b7b75c9d11dcec4d6061acb9f862ebe40a1df5c94
  • SSDEEP: 3072:CIhse1Jb5cKsEzL+rsOGca/4Bz65/M6If+3Js+3JFkKeTn7:HhdbxzLrQxBt25

Score
10/10

Malware Config

Extracted

Family

xworm

C2

engineering-thoroughly.gl.at.ply.gg:32901

20.ip.gl.ply.gg:32901

Attributes
  • Install_directory: %AppData%
  • install_file: svchost.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NatroMacro_1.21.1.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744