General

  • Target

    ExecuterHelp.exe

  • Size

    69KB

  • MD5

    357083dd92b1738fe387a67741c469f1

  • SHA1

    e53381ae11a9110bfd243a41192055e265150a4c

  • SHA256

    096a954eb1c0f09b0f4351bb4172d8dc6ec7fcf5df3ff1a876acbf8299def3ec

  • SHA512

    15111b1a876dc22c6b8d591b4e9c58e0c01f74aa44bd9e606bfd7ea2e43bac6df90f5d7620343ab7ea6aae29ff799c2485f7338d81a8edae8f6c3784d2f4daf9

  • SSDEEP

    1536:NR4LPQPqR3Kj4ZsDaR1ESb8oGGRU68saO9RRrmdEJ:c/96Pa1ESb8o/TaOPxnJ

Score
10/10

Malware Config

Extracted

Family

xworm

C2

where-reverse.gl.at.ply.gg:18649

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    Helper.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ExecuterHelp.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

