General
-
Target
SpaceRatClient.exe
-
Size
47KB
-
MD5
840883c02895ad30109b53d1409049a9
-
SHA1
3b4fe1dffa33fb82073d0240b1de86db4820eb4c
-
SHA256
f145642eeb25d5555b3f959d44d886c446e93f47f2511d298d6debb792272e81
-
SHA512
645ebcc127e098bcd4eee1c02ad2ef8ac75439051d81ea9eac882d34fdc8a1425a31fa08eadce06cc6d7f1cd0fb77046813ec9debb9af364c43bec66cfe2a090
-
SSDEEP
768:go27ugPHB/82j0Woi5xAMhYLJYeCdKdQ9V9H9/tQhLOu13D/F7mW:gqCRXrCw7V9HQ1OuD/F7mW
Score
10/10
Malware Config
Extracted
Family
xworm
C2
he-tower.gl.at.ply.gg:26102
Mutex
jgJJuICnoL3Qqm5Y
Attributes
-
Install_directory
%Temp%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
SpaceRatClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections