General
-
Target
nub 2.exe
-
Size
34KB
-
MD5
1b581969ef2146efc86650cd72703d7d
-
SHA1
9f813cdfd392f89093d57631e55263dbfde6934b
-
SHA256
7f507b99c9093f08d5a163cda561e0a4ecde77f55930e93e00c550f4b70ea58e
-
SHA512
d484779b11d6a720e6c9edbfaa1cbc202ecd2b0314b6a47cfdcf719bd62daff84a4152088192bdfc01da138fb91e1aa49ba5bcf1aa516eed7806bb65a969bd24
-
SSDEEP
768:mXB2GxebH1DyCrhZVFye9FQ5cuOjhnyyEr3:mXB2MA1DrhHFb9FidOjBq3
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
forum-sequences.gl.at.ply.gg:36712
Mutex
kIJ3K8uO5ndUMIFp
Attributes
-
Install_directory
%Temp%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
nub 2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections