General
-
Target
6d2e418121082257cd6ea8ea7adacae1723003d03bde9ea3c0c396e033892f66.exe
-
Size
34KB
-
MD5
121602c80204ce250c2bb4ba098c6e9c
-
SHA1
e5547e67e3a0efd7611590785143443a23ec9c0c
-
SHA256
6d2e418121082257cd6ea8ea7adacae1723003d03bde9ea3c0c396e033892f66
-
SHA512
c96f8738b4e4ff1a3b2f83d77689d0d4429e26c44b5d64124fbea458d087704f28dc1960c45825a36f1c54c2ce997657d738d8be653f81c8e8d7cddd41588b09
-
SSDEEP
768:AYBpz/QvWZqvoXu24OFrCxxF39XTp6LOjh/bUJ:AYBpz/QvwtbFGrF39XV6LOjN4J
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
127.0.0.1:26848
on-modules.gl.at.ply.gg:26848
Mutex
wrmsNSNXixl9dMEG
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
6d2e418121082257cd6ea8ea7adacae1723003d03bde9ea3c0c396e033892f66.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections