General
-
Target
32936373efb0ed64f9f0c4e7758092b1.bin
-
Size
1.0MB
-
MD5
4eaf65c52d9010234039cf49e0eed776
-
SHA1
5defd0635c35f01fd000f56bbd2c663875e9f876
-
SHA256
9bfd961adc579c91bc5a7bcf720fa627c99bb1b76c4c6da53048a94e2c063300
-
SHA512
7bcd4566a492a8ef687b2918cf5de8f6743b6a7e37fc36df77c870bb0f0670c25d99afd3e97f76b641aabc9d37c062255668c3a98361509bd2efb9a47f0198b7
-
SSDEEP
24576:LC5+T7fUK+ZpHAGHEX6n2rScLvRjYJzYgSkf2iFyHj:L5TVapHAGHA82tvpYJzVSsBFyHj
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
crypters.ddns.com.br:7000
Mutex
GGGrHP0Odh89zLnb
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
32936373efb0ed64f9f0c4e7758092b1.bin
Password: infected
-
be5e4c1450e7673500206a30bc02b96351906d45522e137a687c9f93eced0614.dll
Password: infected
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections