General
-
Target
Dettex.exe
-
Size
90KB
-
MD5
1c2a253948135b876e3fe148f45040f1
-
SHA1
c546d4e05316819469003b332b4bd2a9c4e5f5fd
-
SHA256
264cfa973e4a1b05c208728074dc9b072c180502494644d324086ba66f791c7c
-
SHA512
b8e2887c5a7562a001ed013aee2f747aae3e916c85810aff2e857272f75be6c06fd8774a4c2d3676a6fe60dce57f4f9f223092f69036dde4378b71ed9fae7b7f
-
SSDEEP
1536:4xnmcCQLrqkUScY177xIO0bOU5pXZX8b60/S/OPEp9QcmzhRaA5am:MmWn9Uy76ZbHp8/2O49IFRN5am
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:22100
wide-casting.gl.at.ply.gg:22100
Attributes
-
Install_directory
%AppData%
-
install_file
Dettex.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Dettex.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections