General
-
Target
7f526f8e69930224f3eb5bcc3a5c610893ff7e829eb17a1cffdd11f5ea038907
-
Size
92KB
-
MD5
24fb21de3a39e76db331309fe7e2236b
-
SHA1
9539fb00d6f01a4cd55339510acc859839e32e3a
-
SHA256
7f526f8e69930224f3eb5bcc3a5c610893ff7e829eb17a1cffdd11f5ea038907
-
SHA512
b497d71d5187e6eee1d89f60245c718c737dade544e99c24ef34a1b1545beaa983fc525ffdbd6e68340ebec27d079589d29df48e5232726322c89062c0c77464
-
SSDEEP
768:lNrySCR2pC/tCRPCS9Zgd7tMFoVbqw9JphGAlbreCxjrGVF3O3lTEi9X+fyFI:fnC/tCv9ZJFHw9VGqlxjrAF3OwfeI
Score
10/10
Malware Config
Extracted
Family
xworm
C2
make-catherine.at.ply.gg:58313
Mutex
Xr9lZ1gKsOId18nQ
Attributes
-
install_file
WindowsServices.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
7f526f8e69930224f3eb5bcc3a5c610893ff7e829eb17a1cffdd11f5ea038907
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections