General
-
Target
c11efa494a57ce765fc9966c392a8c0168c308036c25e9264094367440b6e7f3
-
Size
236KB
-
MD5
32ceabb96383dd10e7e1b81b5a7172d5
-
SHA1
4b77984d871887252ae8a4c698fbbbd8e6af6fd0
-
SHA256
c11efa494a57ce765fc9966c392a8c0168c308036c25e9264094367440b6e7f3
-
SHA512
784e9c3a85263c3720f2e7dde1cf66f9761c9b11c3e664b52425019bdf799f504034991a3a90730b69db3e9bb9c1f62459b259792823400a7223b7ffc9c3d184
-
SSDEEP
3072:2IBL0F2988OjrLLAsNeDF5nI0PGIj9lua/Obw0hFv2PCWpIdp:2IBLu29QL0sNOBTunbw0/5Wp
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
22.ip.gl.ply.gg:25132
Mutex
RymNaZySkzhWjMqs
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c11efa494a57ce765fc9966c392a8c0168c308036c25e9264094367440b6e7f3
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections