General
-
Target
748-106-0x0000000000400000-0x000000000040E000-memory.dmp
-
Size
56KB
-
MD5
7569322408c620d4417a2e842b9fe9c4
-
SHA1
1a18c9166df2c767a5bd98b82b193fd6fd65cce0
-
SHA256
b84a039c7821661275eae64a2b50804b2c0d27327fbfe58a5320423f622c9a0d
-
SHA512
dac84c4dc2dd627d3b790948f98aa6d9f69f67991439acca99206cbc737a6fe8d5cbd5db2bf361039a5d24689d487bf01b184e48dc95f9565e85fafd5c21fa15
-
SSDEEP
768:fQIv8wy47Yw/ofb73xYFT9R42Oqhnbse:Hv8wyyj/ofOFT9R42OqlF
Score
10/10
Malware Config
Extracted
Family
xworm
C2
herbet.ddns.com.br:7000
Mutex
DgyJNvHEd4GrHRPf
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
748-106-0x0000000000400000-0x000000000040E000-memory.dmp
Headers
Sections