General
-
Target
940e9575b88e65925a1022c976cc1beb0a75c42d7a956a7b6e14bd7d48038a2b
-
Size
70KB
-
MD5
fc2adb95856fbd7850ffe80550556c84
-
SHA1
f763d8ebb60a91ebe560ad8bb1ebd26200c60311
-
SHA256
940e9575b88e65925a1022c976cc1beb0a75c42d7a956a7b6e14bd7d48038a2b
-
SHA512
895b3be411cc1cb2e4cd4561e40d20b95c6ae0292f2c8698ce0225a092a4a2320be4a2f5360f3010bca423ac4b8446dc8b637a9a2d2452e483cf82602c21d3d1
-
SSDEEP
1536:TLsxzl3saJFUumj5X6UWQbuoZhsWlQf6AeOqzTD23:TLspxs+UumvvbjdQaOq/K3
Score
10/10
Malware Config
Extracted
Family
xworm
C2
different-da.gl.at.ply.gg:46568
Attributes
-
Install_directory
%AppData%
-
install_file
System.exe
-
telegram
https://api.telegram.org/bot7872237749:AAF0xKTawqNrsH-1Rsq1CxgAFFTtw942WZA/sendMessage?chat_id=867995626
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
940e9575b88e65925a1022c976cc1beb0a75c42d7a956a7b6e14bd7d48038a2b
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections