Overview

overview

10

Static

static

10

4688-147-0...ry.exe

windows7-x64

4688-147-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4688-147-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    39fd1bf5a4b22a4f5a9495f7b69cccdc

  • SHA1

    388a40e33bd501dcde4455ccc3b49886d9d4ecf9

  • SHA256

    88ddc5d7d2858112e3b29d549ca9538fb2abae92369436a48c0e33fa88266187

  • SHA512

    9a825a046033307fc5161e5dbb63aac4fe311559f90e8bbb6d2085c3b5d78305d2df98cb3aab97f09635e0a61180532bad33c49c77ca9bd33827bb79f3e782ca

  • SSDEEP

    768:YOVrL2ewDXZTWb6g7EOkzF209qFHSO+hfsM9uS2:BKdaGoyFj9qAO+1YH

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

95.214.27.226:7000

Mutex

XHRyXMaO7rs4q4LW

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4688-147-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows x86


    Headers

    Sections