General
-
Target
9a8e075e4a469d08ef7be25024d178c30015e97ab8af1761ebc82f30652d43b5.exe
-
Size
177KB
-
MD5
a6dacf13c7d883d6861ae4bfad3dfc28
-
SHA1
631cea20d99dbfee52ebc8a7c9853ae3d045cc9b
-
SHA256
9a8e075e4a469d08ef7be25024d178c30015e97ab8af1761ebc82f30652d43b5
-
SHA512
139b154e4d404869e4139bf4fa04b40bf8113343f59559644d3f77f2e86797f4d5b6d24af28d7bdd32bed5a9a01e1cc23fc3aea0abec9a498c01712d93c367e3
-
SSDEEP
1536:MFTez/gVXgAZrZ+wIlMGWaJ2ZgNYn+bERtzVZQ8z6MEeOtZ5LpDE9:G9K0n+bEPzVa8IeOtZXDE9
Score
10/10
Malware Config
Extracted
Family
xworm
Attributes
-
Install_directory
%LocalAppData%
-
install_file
OneDrive.exe
-
pastebin_url
https://pastebin.com/raw/TCyZQJvx
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9a8e075e4a469d08ef7be25024d178c30015e97ab8af1761ebc82f30652d43b5.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections