General
-
Target
WinRAR.exe
-
Size
226KB
-
MD5
17ed360ecef58e2d2454c59d86171ebe
-
SHA1
94e79264cdfa2f148396c2501af4291c435432c6
-
SHA256
1b5a18e66e9b7afc9a9ad6f292dcbc94555a54741c5e2711ce22d3f9ce14ae8d
-
SHA512
9458adb4687b60a0ccd265a72b186a88cebb4eed318ad023900c8eaf0a357bcb4d1d345c5796ff14a9f45d24908dbe52657ac649d9cdcca759ea916d88dd1901
-
SSDEEP
3072:zaUhk7Ww0+bDAuhOBEW8SKfbzxcwg7es6/Vsb8VKTu549oJMfF/H9N3Ky9NzLn3:E7JlbcUhcX7elbKTua9bfF/H9d9n
Score
10/10
Malware Config
Extracted
Family
xworm
C2
clxpv3-51562.portmap.host:51562
Attributes
-
Install_directory
%Temp%
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
WinRAR.exe
Password: 2314234
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections