General
-
Target
2680-56-0x00000000003F0000-0x00000000003FE000-memory.dmp
-
Size
56KB
-
MD5
ff971e8d14d7646a9b45c4b9875c6292
-
SHA1
42e073d6e8c1ba2f9a695dedd34d5a8d2c70f4ca
-
SHA256
e7384e911c5c90c3482ff035d5f49e8e107e4188b7f808bd8d93947067041dc8
-
SHA512
4fc1b955dec0417a5564fd961ed9ec3cbb98cd176efaec004a3da57fce736a272d4fa867c1df25474222937e1f10192906b293b03dbf120b0f3bef2a60628f31
-
SSDEEP
768:6YZCbocfBfA84IcZHO7N0ZFR9yo2OjhW/RO:6YZCbvfBfARHZuaFR9ydOjkJO
Score
10/10
Malware Config
Extracted
Family
xworm
C2
stores-anytime.at.ply.gg:36673
Mutex
eAfOg41MsN4M08KI
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2680-56-0x00000000003F0000-0x00000000003FE000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections