General
-
Target
XWormContent.exe
-
Size
10KB
-
Sample
230322-bjc8zaea63
-
MD5
7d4e7449b76c34210100ea88c163c7fb
-
SHA1
ef679b47eb42f162355e8772ceb25712dc7ec75e
-
SHA256
4fc4ae98d231e2bf0b8d4ad5463d9d4f673c1d5d63dc98838cf14a61d64ce6e6
-
SHA512
d0ef46b3e5622160e9f6ce5cac8f2b14a10bad8e2c1f91a7e1d9713fd6ed844cf74817ca050e1a2d95ee9cd24ec01c67b6e279acddc95449553effbb8354ec1e
-
SSDEEP
192:qLH2ANdaLix1upSiP/VunlYJLLLTuzTVQLFjb5cqfM:qLH2ydaLiO3hPLTucTf
Static task
static1
Behavioral task
behavioral1
Sample
XWormContent.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
XWormContent.exe
Resource
win10v2004-20230221-en
Malware Config
Targets
-
-
Target
XWormContent.exe
-
Size
10KB
-
MD5
7d4e7449b76c34210100ea88c163c7fb
-
SHA1
ef679b47eb42f162355e8772ceb25712dc7ec75e
-
SHA256
4fc4ae98d231e2bf0b8d4ad5463d9d4f673c1d5d63dc98838cf14a61d64ce6e6
-
SHA512
d0ef46b3e5622160e9f6ce5cac8f2b14a10bad8e2c1f91a7e1d9713fd6ed844cf74817ca050e1a2d95ee9cd24ec01c67b6e279acddc95449553effbb8354ec1e
-
SSDEEP
192:qLH2ANdaLix1upSiP/VunlYJLLLTuzTVQLFjb5cqfM:qLH2ydaLiO3hPLTucTf
Score10/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-