General
-
Target
3a497f91e40ea06b2617d5503d9b1667c53c74450c81860795119194c4afa747N
-
Size
32KB
-
MD5
c526911187c64bbd86ec7f6df4696220
-
SHA1
a617a0104b13c3db9aaa33f321bfd17f390355e0
-
SHA256
3a497f91e40ea06b2617d5503d9b1667c53c74450c81860795119194c4afa747
-
SHA512
d28d8aa7e11e3bd0ea516286e03d1ded4e9d74ca90739f7a369d9b7a02090486592ed1a90f1e61bf740c15380b6435b848abe5dbdb73ac032e6c74286ae5c8d5
-
SSDEEP
384:DlRmhGD91SluSWhnHHxzLmYV3Tm2eaFOL1dRApkFTBLTsOZwpGd2v99IkuisgVFO:ZRPD9OQhx/BV3Tw4e1dVFE9jNOjhKb2
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
127.0.0.1:5777
192.168.55.107:5777
Mutex
2fMtaAYtagtrwr7c
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3a497f91e40ea06b2617d5503d9b1667c53c74450c81860795119194c4afa747N
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections