General
-
Target
75b1d628fbd841131a382492e3648afd69bbd229fda77a81a8f58f74d89c7b37
-
Size
76KB
-
MD5
8ea7c04dee64589a677106754336c3e1
-
SHA1
ef3a5793936341c92d6c8cfe7018e3b5a0bd6c40
-
SHA256
75b1d628fbd841131a382492e3648afd69bbd229fda77a81a8f58f74d89c7b37
-
SHA512
fe92ea85ba4aa83d23a94176e4286636bbd28958691360a0e6e412063d2be1cc1392afd65deb385f53d6f563c92d4cabbeee404849b71d12b3670d3126f64501
-
SSDEEP
1536:HDFHYoyuZiZbEKXDKbYy6Kdo/QJFnHMbE6xFr0FO5jidfp:HDyoFuoKObVZWQFnmYO5jgp
Score
10/10
Malware Config
Extracted
Family
xworm
C2
20.ip.gl.ply.gg:55257
Attributes
-
Install_directory
%AppData%
-
install_file
SolaraBootstrapper.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
75b1d628fbd841131a382492e3648afd69bbd229fda77a81a8f58f74d89c7b37
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections