General
-
Target
это вирус точно 100%.exe
-
Size
40KB
-
MD5
1b5eb77c95028f1f0a037cdf922e59d7
-
SHA1
50acd4ca6a89d06ff90e2535ce61b9ed590839e6
-
SHA256
149acfe76687a7b65baca4ffefc576ca1baa7eb54113212622831049da88d994
-
SHA512
801a611fcbcdedec916e731e39a3ba84e12810ef9ac1ecd4737cd561a7ba3e3b37f5ffd4783520494dae5beb55c6066468882a69e3ca56382e72e84e2aec4c22
-
SSDEEP
768:qa7krH8jlOMW88A4NVlwXDUDX+WcvQzFPc9YHLOphbQ4Z:f7krHGlOVYe5SEFk9YHLOp24Z
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
g-submit.gl.at.ply.gg:54103
22.ip.gl.ply.gg:54103
Mutex
43Ou45H2oyqWjrvD
Attributes
-
Install_directory
%ProgramData%
-
install_file
svchost.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
это вирус точно 100%.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections