General
-
Target
bSgJ.exe
-
Size
33KB
-
MD5
808e7cd14ef26b8060beb85b883e6426
-
SHA1
47f2bf06551cddf4734eead636327b8bef29b7b6
-
SHA256
83d944990a78952d5defbcc1ab47a9f9464a6e84890816a01310bc2d2f97b2c1
-
SHA512
861683f3b28c3e0fd8855def6560874aa2086576b15985c5279bb9a527361f2b13ca03e2dfc19c001ce4072c133268add109b3c94c4ce029aa45431c62be7909
-
SSDEEP
768:8o4fK1pDGkptwyZScCBSUapNgqVXU/kZl+Bcgo5tlTF592qO9hLdRP:9DGkptwyZScCkU4rRUsZcB5o5HF592q8
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
tcxerr.duckdns.org:6677
Mutex
RSH70dBwgOkTVB0X
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
bSgJ.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections