General
-
Target
82ba9a3e23467bf8d050228ce1837146fb4bbab82a42c2854e828ff2bd281f73
-
Size
92KB
-
MD5
997d9ed8a615b1cf74ad0b37d6df9945
-
SHA1
e1015382b0e1a4735c0e5f27493f72c5f8bfaa7e
-
SHA256
82ba9a3e23467bf8d050228ce1837146fb4bbab82a42c2854e828ff2bd281f73
-
SHA512
30439a996069463cf2141e5bfacfa843cce787b30b51ae9d9cadfe953995afbfceecd0965efe518c846c4c874274df71f853dd7078952070c4a741cbbfd06614
-
SSDEEP
768:kNrySCR2pC/tCRPCS9Zgd7tMFoVbqw9JphGAR/reCxjrGVF3O3lTEi9X+fyFI:OnC/tCv9ZJFHw9VG+lxjrAF3OwfeI
Score
10/10
Malware Config
Extracted
Family
xworm
C2
make-catherine.at.ply.gg:58313
Mutex
nd1YAR4MRQ12GjgQ
Attributes
-
install_file
WindowsServices.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
82ba9a3e23467bf8d050228ce1837146fb4bbab82a42c2854e828ff2bd281f73
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections