General
Target: Loader.exe
Size: 6.9MB
Sample: 230328-vgq7laca98
MD5: bdb3a40fd8492b77a61f49716ea2e116
SHA1: bbf5b499f6caaddd44a542c863589151da2f34e6
SHA256: 2832ce932226e5dc42ff6c4b99755bd19234b31f1cd05c33cb7f409b467667cb
SHA512: dbef132e67b22ed12d4b1da64965f4d6c09a821f2533c3a1a51d002d0c1a02bdd908dccfae0e236aedc37ccc6853a60ec3394f65fd1cada2fdd9a8bc6d7b7618
SSDEEP: 196608:LCGxbAQ5owejuJDUX47dwdW0LBTYPERR:fxCaUX47d4xZ
Behavioral task: behavioral1
Sample: Loader.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: Loader.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
xworm
partner-enforcement.at.ply.gg:45527
install_file: USB.exe
Targets
Target: Loader.exe
Score: 10/10
Drops startup file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.