General
-
Target
china.exe
-
Size
34KB
-
MD5
61ffe280e65651237b433ca13be44753
-
SHA1
db6f9ecf0224254425cfc89b8c50c7672f92d70e
-
SHA256
22c94e6a30f18896211c0a3d41722392c059b788f52822b71231b6a951054a0a
-
SHA512
0047d9cb2db3d37b45d7870033ec330f4f01e69da4f2392a5aa887acf61bf22bd7621570289eea24fd24425b1e7dde6d1a1c893d4477267783b40f8844860767
-
SSDEEP
768:DOMm6sgb2F9hqVRlsQkjm6ZaF9Fk9kpccO/hs/fx5:DMP/mbUxojFk9kpccO/O3j
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
address-northwest.gl.at.ply.gg:8888
Mutex
Hi99saipGmhYmM2G
Attributes
-
Install_directory
%Userprofile%
-
install_file
runtime.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
china.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections