General
-
Target
fix.exe
-
Size
40KB
-
MD5
b959b8c3505c2e17d3d944ba48d285f8
-
SHA1
0155afd2d2a57d3070a900bbb405145977300b7c
-
SHA256
ea8cd343d704a76b3f3dc8ffacdcfefb56f2d7571a68b42381146d91a9bb5526
-
SHA512
4fdef5114503fd8be5cfd64e945994dcde399239f0c03873a6cd48b2e7a030b99fb755e23f6dfc185274eb4f6712dee0d1ffc68b11d148e701819ebf576d6c47
-
SSDEEP
768:OFrGIhUKXBeFQOnHAvrSH7tF5Pa9qB9Owh43/mXZ:OueBehHAv6xF49qB9Owu+XZ
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
behind-h.gl.at.ply.gg:44133
Mutex
B9kO57FG9eew8BnL
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
fix.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections