General
-
Target
WobblyLife.exe
-
Size
44KB
-
MD5
4ee1c154fbae8e8f36662009a6a408e8
-
SHA1
bf769f24197e950c7ec9b4d1167ef2d87ff6e08a
-
SHA256
3222a4d6c5d76cd1f41332cf9804ab2ba4c8ae24205e1a724a56d24501409cd0
-
SHA512
61be6e5e179702206375574ba53d856bc6262c340339e84d9a1810dc7c832bc2a0aaf08cb0391e9ac2946ace9c6df0deac5e04f9ed0a292d1d748b279c5e5581
-
SSDEEP
768:/O36H7BEIliviyzwmLI8SBVKSbFEPa9b976tOFhOzbKSx:/tBE9cmOBVrFd9p76tOFQXx
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
Javv-46764.portmap.host:46764
Mutex
l5kkGhZ0p1VdMVCI
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
WobblyLife.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections