General
-
Target
Searials Spoofer v2.exe
-
Size
303KB
-
MD5
1c31295968b6cadd0f0828a85de98046
-
SHA1
485d86876882d6fdee9702c0b187505e4ea40052
-
SHA256
b71c16539f53b983dda629c462fc73870a9bf0b0540e2519df095c59510bcf65
-
SHA512
239e69ae8b59fb45d1c065f18511b3aea7a88d0dcf7496498e3d827c4f0bfaa24c0f16714a0a770953fdd67542d39ea2728167b4f3a58227397a72e77e53302b
-
SSDEEP
6144:xdl9iZryT1R/eZp06ntBfX4MYsPOAtvjDukP0mcu:zR/SLnsbsZtekx
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
127.0.0.1:7000
Mutex
7qYyGvaCPCzZBzRk
Attributes
-
Install_directory
%AppData%
-
install_file
Spoofer.exe
aes.plain
1
ZVvZIMV2hJOEWEIbuF4wzw==
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Searials Spoofer v2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections