General

  • Target

    ZoraraUI.exe

  • Size

    193KB

  • MD5

    77c05c3400cbad0f82594ce61e79fb0d

  • SHA1

    b3ab6a55f2b37173dd647ae719f98310283ff6ec

  • SHA256

    3ad136a00790b48ab2ed4bb823e5231fc6e627f301c2eb023406829687c4b299

  • SHA512

    35458e8117198d2daab170ca553f4d8846bdc73b7a8a8318aeb9a86365a2ebd36be910e47d46fc63a034654b65cb940124af1277d862c55232683433164e76d8

  • SSDEEP

    3072:XCZxI1ugFkM9bLLIOVKOo33YymYwSKgIwB:XCZS1lyUbXICmtN

Score
10/10

Malware Config

Extracted

Family

xworm

C2

88.127.230.152:49152

Attributes
  • Install_directory

    %AppData%

  • install_file

    ZoraraUI.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ZoraraUI.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections