General
-
Target
PLEASEWORK.exe
-
Size
33KB
-
MD5
680ab520c34222f8db79f48b3b587ff3
-
SHA1
bf86091d6643fca097b957b3bdd46e1a90ffa667
-
SHA256
e405c3dc5f44cf77fa84e8a111a2c39eab695e729b9c09a21cdcd1a38cd98d18
-
SHA512
08165e1694df98003bc6a09983504722327504b81f6637535a49a8cde15e1f06d8a3ecb772b46dd7a5b03a64bb9de4b1740a4723c6b19de1ce38cdfacefcd26a
-
SSDEEP
768:4Ua+vNohsX642JiB70qVF49j4rOjhxb/:3vNohs64WiR0QF49j4rOjPj
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
147.185.221.22:63596
Mutex
jl5gswMnhIdY2W1Z
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
PLEASEWORK.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections