General
-
Target
961a038e60b216712b5824eb260a3e00N.exe
-
Size
79KB
-
MD5
961a038e60b216712b5824eb260a3e00
-
SHA1
5236f18ade23957f73b770254ae7604e85aa9bd4
-
SHA256
b6535a402e775281ab70f8dc697c48f8eccd6c25ef604766db6f3477a5e9d9c5
-
SHA512
8489feaf70236f23f1aad7e45bb2ff34f18961f0b54365e6990ab6f32caf43a6e556d723c397fad94248150279bf8d4724567b364a1678c860288f2e46676c20
-
SSDEEP
1536:a1ovVZ1TyACVpV7xrNP7lrAIp54bsbROk75I6OFy6bihOVUOYc+yg:a1YVZZGpbNPRDP4bsbjO6OVVUOfFg
Score
10/10
Malware Config
Extracted
Family
xworm
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
-
pastebin_url
https://pastebin.com/raw/xExrGyGy
-
telegram
https://api.telegram.org/bot6221873785:AAGHSpUMZB77GsPIW79g4B4IeioPAa1gQyE/sendMessage?chat_id=932052459
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
961a038e60b216712b5824eb260a3e00N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections