General
-
Target
New.exe
-
Size
39KB
-
MD5
b4d443314462b4df0dc8b7c33085b0a2
-
SHA1
7aa1bd73ba5ca27d97f0c714fdd86cfdd887304b
-
SHA256
087f62458517a3fac322b3c8feb38959377bc1bbbee6174fbeb41b6c25a4499c
-
SHA512
3184a175f7219c1253ce2cfadda36e9d50b2845802419b60da84175cb41096c85bdbe265665558d76a723e7286a4b5f99aaacf2fef5200aa0bc925ea23f38733
-
SSDEEP
768:8vuzg/d8wQCu6v6hCuuJf27P1fFWPG9/a6OOwhYjmbF:dz68wNhwCuuJfUFv9/a6OOwGSJ
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
46.146.46.81:7000:7000
46.146.46.81:7000
Mutex
FaNJqzJhSyTDj5Pr
Attributes
-
Install_directory
%AppData%
-
install_file
svchost.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
New.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections