General
-
Target
GxMBK.exe
-
Size
1.6MB
-
Sample
230131-z8f8xsae34
-
MD5
049b7a8f84d8c8e7932bfc6e97362c30
-
SHA1
f3d85b5214062a92ecacd0a65e02593e44ab188a
-
SHA256
2716cfd0d3479d42e903bd0c835b91fd5918a02fb63bdc1b52f73921bf4b307a
-
SHA512
eb0c58f723a9c6a2d3d29b10f89538845cfbdaa2d4579de4238a0753050154dacc7832cc20f858b757fd6a2e491b5f775262f670309b7691437910c59a106924
-
SSDEEP
24576:bYO8wJFOtz7uuqEP+1MoIpgpgi2esTTPfQHSvMYdihbjct3sP8ZS3pdWMhLaw:koqAI4sTTP4smZ58wl
Static task
static1
Behavioral task
behavioral1
Sample
GxMBK.exe
Resource
win7-20221111-en
Malware Config
Extracted
xworm
127.0.0.1:7000
TU53fgvTBLouBDSy
-
install_file
USB.exe
Targets
-
-
Target
GxMBK.exe
-
Drops startup file
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-