General
Target: 049b7a8f84d8c8e7932bfc6e97362c30.bin
Size: 1.2MB
Sample: 230203-j1tahsda29
MD5: 38b9b253f99262a8e81f6780f922bf80
SHA1: 4f81c204712cbdb9678e37879574494919d072ca
SHA256: a6b8256d8bb6baae903fa5a55cfed22b55f1925f0f11c23f58d492d84073dd58
SHA512: b56d12f241bd9783b4220ac3d38be190fc9e2ede996c36614a0d0debd8e5cb1097e693177c96935bc7a9e8ca3c61863546256b731d435b54cca8e2292a4cb7bf
SSDEEP: 24576:F14QrXRGccT6hFEoNYp5bnKRoXvyeR8exkxM0SErbBlM7xG0oGsllPy:F1bRG9e/EKazK6XvXxkjXAtG08Py
Static task
static1
Behavioral task
behavioral1
Sample: 2716cfd0d3479d42e903bd0c835b91fd5918a02fb63bdc1b52f73921bf4b307a.exe
Resource: win7-20221111-en
Malware Config
Extracted
xworm
127.0.0.1:7000
TU53fgvTBLouBDSy
install_file: USB.exe
Targets
Target: 2716cfd0d3479d42e903bd0c835b91fd5918a02fb63bdc1b52f73921bf4b307a.exe
Size: 1.6MB
MD5: 049b7a8f84d8c8e7932bfc6e97362c30
SHA1: f3d85b5214062a92ecacd0a65e02593e44ab188a
SHA256: 2716cfd0d3479d42e903bd0c835b91fd5918a02fb63bdc1b52f73921bf4b307a
SHA512: eb0c58f723a9c6a2d3d29b10f89538845cfbdaa2d4579de4238a0753050154dacc7832cc20f858b757fd6a2e491b5f775262f670309b7691437910c59a106924
SSDEEP: 24576:bYO8wJFOtz7uuqEP+1MoIpgpgi2esTTPfQHSvMYdihbjct3sP8ZS3pdWMhLaw:koqAI4sTTP4smZ58wl
Drops startup file
Adds Run key to start application
Suspicious use of SetThreadContext