General
-
Target
42a96a71d61fa31676c36a5e036d87dde899e1197a45c48833b4bfb4770feb01
-
Size
138KB
-
MD5
6f2933da19f4b614e6c8df1b924bfaad
-
SHA1
37080e506a8b1409ed692434dc010a2fd5596078
-
SHA256
42a96a71d61fa31676c36a5e036d87dde899e1197a45c48833b4bfb4770feb01
-
SHA512
bc96d82c6a05d5f6f1d8f9bc9de6dec96622a447abce3abc4d2b34acc0bd99439b5857dc5f7fbf0b59c5f0b0710d24db8d9ec2f00ad34d841e7f6b091c53af1f
-
SSDEEP
3072:1S+h9PGWAIFY9KiFOps83Bz65/M6If+3Js+3JFkKeTnq:1/PlY9axBt25
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
takes-sbjct.gl.at.ply.gg:41371
Mutex
MxqHSXsrqbfmnzhV
Attributes
-
Install_directory
%AppData%
-
install_file
WindowsLogonIN.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
42a96a71d61fa31676c36a5e036d87dde899e1197a45c48833b4bfb4770feb01
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections