General

  • Target

    Private Key (infected).zip

  • Size

    137KB

  • MD5

    70d06330e186df7cc1230934f1c2fc13

  • SHA1

    0b34665615ce674e3d5597f195e1dc018c154ec3

  • SHA256

    31b5dd4b9119afd13692f5a3d204b139fe78affae1d1ceb6ca426ea59d8a1df1

  • SHA512

    1c2e0c1f9ef11fb600a6ce35325a44faf228aa17dca7dbfa1001fa3c2333725d4fe46490921329a2eebe638d930e4152a50ccdf7830bbf8240806c2d128716de

  • SSDEEP

    3072:gJLIHRnm9UzCz+J8qETkduWSmRVtVHWWqVrAUEUy6c2kinJhtORQe:yL79UzCyJ3Ok79bZqVVyVQns

Score
10/10

Malware Config

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Private Key (infected).zip
    .zip

    Password: infected

  • Private Key/AUTHZAX.DLL
    .dll regsvr32 windows:5 windows x64 arch:x64

    Password: infected

    3881d3ee51453a6e9e3ac735259011f1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Private Key/BCSAutogen.dll
    .dll regsvr32 windows:5 windows x64 arch:x64

    Password: infected

    11b08427135a414be3c350ab85d599df


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Private Key/BCSClient.Msg.dll
    .dll windows:5 windows x64 arch:x64

    Password: infected

    200812e48ebabdae7f0915f833d14764


    Code Sign

    Headers

    Imports

    Sections

  • Private Key/BCSClientManifest.man
  • Private Key/BCSEvents.man
    .xml
  • Private Key/PrivateKey.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections