Overview

overview

10

Static

static

10

2736-66-0x...ry.exe

windows7-x64

2736-66-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2736-66-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    e9888e575a9213fae39eea033c03aea3

  • SHA1

    45b22f761d45faf1da0feb4e5833a2ac28e038df

  • SHA256

    97acb781fc353db15e6f55224cac275b382b794e507437a94929bb7291f8df09

  • SHA512

    bc6958f7146dc64950966adf57d2cda6379de6631f13fde7638d23327c818e1ab9ce3b9c51ffba4505994f189f263cd0b2b2c4b36b29c651d4cf6c714ca05c61

  • SSDEEP

    1536:XDGkptwyZScCkU4rAUsZcB5eHF592bO95:pkUsBF592bO9

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

newbitnow.duckdns.org:7001

Mutex

AYwHZ3QFQ7zMJ14f

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2736-66-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows x86


    Headers

    Sections